Law Homework Help

IAU Protección De Datos Y Privacidad Mundial Discussion And Responses

 

Answer this question in 300 words with references.

1- How would you characterize the difference between the US approach to protecting privacy versus many other countries, such as Canada, Australia, and the European Union?  Do you think self-regulation is sufficient to protect privacy or are more regulations needed?

2- Reply to 3 student posts 

This is the first student’s discussion you have to reply in 150 words:

The United States has elected for a diverse tactic to data protection. As an alternative to formulating one all-encompassing guideline such as the General Data Protection Regulation (GDPR), the US chose to implement sector-specific privacy and data protection regulations that work together with state laws to safeguard American citizens’ data. Other countries such as Australia use the Australian Privacy Principles (APPs) that apply equally to all sectors. While the US needs an individual’s permission to send direct marketing material, the Australian model at times overwrites these rules and can send direct marketing material without consulting with the individual. Self-regulation has failed to fully protect the private data of consumers worldwide. It is evident that more regulations and tighter penalties should be put in place to scare away violators of such rules.

Reference

Ang, P. H. (2001). The Role of Self-regulation of Privacy and the Internet. Journal of Interactive advertising, 1(2), 1-9.

Term Paper Topic

Organized Crime And The Internet. 

This is the second student’s discussion you have to reply in 150 words:

The difference between the US and European Union (EU) in protecting privacy is that in the US there is no federal regulation or law as in the EU.

In the US, there is no comprehensive privacy legislation, but several regulations that target certain sectors, and these regulations were created after an event that happened, so the legislation is reactive in protecting citizens. These regulations were created before 2000, right in the internet boom, and in my humble opinion, these regulations did not catch up with the current state of data privacy meaning that we have now 2021! Terms and ideas as data mining and machine learning were not something that these laws were thinking of at that time.

In the EU there is legislation specifically to protect privacy, which is considered a basic human right. It is called General Data Protection Regulation (GDPR), a cross-sectoral legislation. Its purpose is to solidify user’s right to exercise their control over the extraction and use of their data.

In the US, it is difficult to discern a pattern or a plan in legislation because privacy law’s appeared after events, in a more reactive way, different than the EU regulation.

In Brazil, there was a federal law called Marco Civil da Internet (Civil Law of the Internet) that gave rights and obligations to users and companies regarding the use of the internet and data. However, this law was replaced by another one, based on the European one, GDPR, called Lei Geral de Proteção de Dados do Brasil (General Data Protection Law of Brazil). US-based companies operating in Brazil had to change their privacy policies because of the new regulation imposed by the Brazilian regulation.

I don’t believe that self-regulation is sufficient to protect privacy. As Spinello (2020) mentioned, companies such as Facebook would need to change their business model because they use big data to improve their ad sales, which are made using users’ activity track by cookies in many network platforms, even when not using Facebook. There are also companies that only collect data from people and sell it online. If there is no legal penalty to such an act, this line of business is legal and legitimate. Why would the market force something? In regards to the public, the public does not use this company’s product but other companies to sell or make a transaction. Therefore, the market won’t regulate itself. For users to push for regulation of this practice, collective knowledge is necessary but people are mostly unaware of how data is collected, processed, and sold – I had no knowledge of how cookies for tracking user’s browser activity worked before coming to this class, and I am a CS student :(. One point Spinello mentioned and I agree is that code can be used to regulate privacy with the use of ad blocks, cleaning of cookies, or using browsers that put privacy first (Brave is an awesome alternative, that blocks trackers and you can even select which to turn on or off – very user-friendly). But still, there are companies that I need their services like Google for emailing, so I do not have an opinion but to keep using them and trust them.

So I believe self-regulation is not sufficient, because of the unawareness of users, the business model of many companies, and user’s lack of power of accessing or knowing whatever data companies have, how they use it, and whom they sell data to. Consequently, it is difficult to protect or try to block something invisible. Sometimes we need the government to regulate practices and protect the citizens, even when they don’t know that they are victims!

References:

This is the third student’s discussion you have to reply in 150 words:

Privacy can be protected through industry self-regulation; however, FTC does not recommend this legislation at this time. Furthermore, studies suggest that there has not been an effective self-regulation system to protect consumer privacy online.

In the United States, the self-regulation legislation only exists in certain industries. But, each industry is different and some industries’ data repositories are not being regulated. In contrast, in the E.U., there is a very extensive regulation on all fronts.

When it comes to protecting privacy, the approach that the United States takes is greatly different from the European Union. The United States puts more emphasis on self-regulation, which means companies only need to give out notices about the privacy they promise. These companies would get penalized by the FTC if they do not keep their promises. But, FTC’s power to protect people only applies to the promises made by companies. In many cases, people only are given the right to choose not to participate in whether their data can be used, but are not given the right to limit which companies cannot collect their data. However, the rules in the E.U. are very strict when it comes to collecting, using, and disclosing personal information; these companies require personal consent.

Additionally, these philosophies adopted by the U.S. and the E.U. could be attributed to the following reasons. Firstly,

the United States is a country which is constituted by fifty states, while the European Union is a governing body which is comprised of different countries. Because of this difference between the two, the federal government’s power in the United States is different from the power in the European Union. In the U.S., companies are being protected by the federal government. On the other hand, in the E.U., they value individual’s rights above companies. That is why it is easier for U.S. companies to fire someone than it is in E.U. Also, this might explain why in the United States the healthcare industry is for profit. Additionally, the historic backgrounds of the E.U. and the U.S could be another reason why both governments take the approaches to protect privacy differently. More specifically, this could be rooted in each legal system. The E.U. has the Civil Law system while the U.S. has the Common Law system.

Reference:

Solove, D. (2012, Oct 23). On Privacy, why is the EU so different from the US? Available at https://www.linkedin.com/pulse/20121023040724-2259…