Albert Gidari is the Consulting Director of Privacy at the Stanford Center for Internet and Society. He was a partner for over 20 years at Perkins Coie LLP, achieving a top-ranking in privacy law by Chambers, before retiring to consult with CIS on its privacy program. He negotiated the first-ever "privacy by design" consent decree with the Federal Trade Commission on behalf of Google, which required the establishment of a comprehensive privacy program including third party compliance audits. Mr. Gidari is a recognized expert on electronic surveillance law; and, long an advocate for greater transparency in government demands for user data, he brought the first public lawsuit before the Foreign Intelligence Surveillance Court, seeking the right of providers to disclose the volume of national security demands received. Mr. Gidari earned an LLM from University of Washington School of Law, his law degree from George Mason University School of Law, and his undergraduate degree from Tulane University.
Hi Res Photo of Albert Gidari
So it seems that the Microsoft Ireland case at the Supreme Court will end with a whimper. Both the Department of Justice and Microsoft agree that the case is moot and should be dismissed due to the passage of the Clarifying Lawful Overseas Use of Data Act or “CLOUD Act.” DoJ told the Court that it has procured a warrant under new section 2713 of the Stored Communications Act.
The Law, Borders, and Speech conference at Stanford’s Center for Internet and Society asked the important question: Which countries’ laws and values will govern Internet users’ online behavior, including their free expression rights? The conference used the landmark article written in 1996 by David G. Post and David R. Johnson to examine whether twenty years on their conclusions still held true. Post and Johnson had concluded that “[t]he rise of the global computer network is destroying the link between geographical location and: (1) the power of local governments to assert control over online behavior; (2) the effects of online behavior on individuals or things; (3) the legitimacy of the efforts of a local sovereign to enforce rules applicable to global phenomena; and (4) the ability of physical location to give notice of which sets of rules apply.” They proposed that national law must be reconciled with self-regulatory processes emerging from the network itself.
An enormous amount of attention has been paid to the oral argument before the Supreme Court in Carpenter v. United States. The transcript provides tantalizing tea leaves as to whether the Court will find a protectable right to privacy in a cell phone subscriber’s location and many pundits seem to think the day went to Carpenter while I haven’t heard anyone touting a government homerun.
Last month, the Supreme Court of California may have decided the future of the public's access to "smart city" data without knowing it. In ACLU v Los Angeles Police Department, the court accepted that raw data collected by Los Angeles police and sheriff departments, using automated licence plate readers (ALPRs), constituted a public record subject to disclosure under California's Public Records Act (CPRA) absent an exemption. The court held that the catch-all disclosure exemption in the CPRA applied, which requires balancing the public interest in preventing disclosure where certain harms can be identified against the public interest served by disclosure such as furthering the public's understanding of the privacy risks of the ALPR program.
If your cell phone is on, your location is known, tracked and recorded, whether you are in your home or in public. As you move around, your location history is created and stored by the carrier, numerous applications on the device, and potentially even the manufacturer of the device or operating system provider. Your consent to capture this information, whether rough location or very granular, may be tacit, inherent in the application’s usage, or freely given when you activate, install or operate the device.
"As long as they are following their own privacy policies, carriers “are largely free to do what they want with the information they obtain, including location information, as long as it’s unrelated to a phone call,” said Albert Gidari, the consulting director of privacy at the Stanford Center for Internet and Society and a former technology and telecommunications lawyer. Even when the phone is not making a call, the system receives location data, accurate within a few hundred feet, by communicating with the device and asking it which cellphone towers it is near."
"“If you walked up to the average person on the street in the U.S. and ask them about GDPR, they’d probably say, ‘Is that a hockey team?’ ” said Albert Gidari, director of privacy at the Center for Internet & Society at Stanford Law School, on Thursday. Gidari said many people don’t seem too concerned about privacy issues.
“I think people believe the benefits (of technology) outweigh the risk to their privacy,” he said."
"The European Union is expected to implement sweeping new data privacy laws in May.
"“If you trust Amazon with your data, as many people do, then delivery to the trunk of your car is a safe way to getting your package, and perhaps safer than in-home delivery,” said Albert Gidari, director of privacy at the Center for Internet and Society at Stanford Law School. “This is another example of trading off privacy and security for convenience.”"
"There probably are good reasons to keep deleted profiles for some period of time — for example, to prevent or detect repeat users or fake users, etc,” Albert Gidari, consulting director of privacy at the Stanford Center for Internet and Society, wrote in an email. “But that doesn’t mean forever.”"
To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.
After a lengthy legislative process, the GDPR is finally ready. As the most significant overhaul of data privacy laws in Europe in twenty years, it will have a profound impact on Silicon Valley technology companies offering online services in Europe. The recently announced Privacy Shield will affect most US organisations that receive personal information from Europe.