Albert Gidari is the Consulting Director of Privacy at the Stanford Center for Internet and Society. He was a partner for over 20 years at Perkins Coie LLP, achieving a top-ranking in privacy law by Chambers, before retiring to consult with CIS on its privacy program. He negotiated the first-ever "privacy by design" consent decree with the Federal Trade Commission on behalf of Google, which required the establishment of a comprehensive privacy program including third party compliance audits. Mr. Gidari is a recognized expert on electronic surveillance law; and, long an advocate for greater transparency in government demands for user data, he brought the first public lawsuit before the Foreign Intelligence Surveillance Court, seeking the right of providers to disclose the volume of national security demands received. Mr. Gidari earned an LLM from University of Washington School of Law, his law degree from George Mason University School of Law, and his undergraduate degree from Tulane University.
Hi Res Photo of Albert Gidari
So it seems that the Microsoft Ireland case at the Supreme Court will end with a whimper. Both the Department of Justice and Microsoft agree that the case is moot and should be dismissed due to the passage of the Clarifying Lawful Overseas Use of Data Act or “CLOUD Act.” DoJ told the Court that it has procured a warrant under new section 2713 of the Stored Communications Act.
The Law, Borders, and Speech conference at Stanford’s Center for Internet and Society asked the important question: Which countries’ laws and values will govern Internet users’ online behavior, including their free expression rights? The conference used the landmark article written in 1996 by David G. Post and David R. Johnson to examine whether twenty years on their conclusions still held true. Post and Johnson had concluded that “[t]he rise of the global computer network is destroying the link between geographical location and: (1) the power of local governments to assert control over online behavior; (2) the effects of online behavior on individuals or things; (3) the legitimacy of the efforts of a local sovereign to enforce rules applicable to global phenomena; and (4) the ability of physical location to give notice of which sets of rules apply.” They proposed that national law must be reconciled with self-regulatory processes emerging from the network itself.
An enormous amount of attention has been paid to the oral argument before the Supreme Court in Carpenter v. United States. The transcript provides tantalizing tea leaves as to whether the Court will find a protectable right to privacy in a cell phone subscriber’s location and many pundits seem to think the day went to Carpenter while I haven’t heard anyone touting a government homerun.
Last month, the Supreme Court of California may have decided the future of the public's access to "smart city" data without knowing it. In ACLU v Los Angeles Police Department, the court accepted that raw data collected by Los Angeles police and sheriff departments, using automated licence plate readers (ALPRs), constituted a public record subject to disclosure under California's Public Records Act (CPRA) absent an exemption. The court held that the catch-all disclosure exemption in the CPRA applied, which requires balancing the public interest in preventing disclosure where certain harms can be identified against the public interest served by disclosure such as furthering the public's understanding of the privacy risks of the ALPR program.
If your cell phone is on, your location is known, tracked and recorded, whether you are in your home or in public. As you move around, your location history is created and stored by the carrier, numerous applications on the device, and potentially even the manufacturer of the device or operating system provider. Your consent to capture this information, whether rough location or very granular, may be tacit, inherent in the application’s usage, or freely given when you activate, install or operate the device.
Consulting Director of Privacy at the Stanford Law Center for Internet and Society, Albert Gidari, comments on the landmark U.S. Supreme Court’s decision on location tracking in Carpenter v. United States:
"Albert Gidari, consulting director of privacy at the Stanford Center for Internet and Society, said under current regulations Google had little option but to comply with Benfica’s subpoena. Internet companies get hundreds of thousands of similar requests, said Gidari, who spent 20 years representing some of the world’s biggest technology companies including Google. “It isn’t scalable to know what’s behind each case,” he said.
Google already goes “one step beyond” what it is required to do by giving notice of the subpoena to users, he added."
"“The lack of potential for harm certainly is a factor in a decision not to disclose,” said Albert Gidari, the consulting director of privacy at the Stanford Center for Internet and Society, in an email."
"And it is this that so frustrates law enforcement officials. "If the UK has complaints, it is with the US Department of Justice for failing to adequately staff and promptly process the requests," says Albert Gidari, the director of privacy at the Stanford Law School. In short: it isn't completely the fault of tech companies – Apple's encryption fight with the FBI in 2016 showed they are willing in some cases to stand up for the privacy rights of users."
"However, in cases of chat, gaming, or other internet services that are not tightly integrated with existing phone infrastructure, such as Google Hangouts, Signal and Facebook Messenger, federal regulators have not attempted to extend the eavesdropping law to cover them, said Al Gidari, a director of privacy at Stanford University Law School’s Center for Internet and Society.
“A messaging platform is excluded,” maintains Gidari, who is not involved in the Fresno case"
"But Albert Gidari, consulting director of privacy at the Stanford Center for Internet and Society, said it's not unusual to see a tech company without a CPO.
"While there have been some very public mistakes, like many tech companies, [Uber] seems to have learned, albeit the hard way, to invest in a serious privacy and security infrastructure," Gidari said. "It is important for the CPO to be in the "C" suite, and Uber has made a serious hire with Ruby Zefo and Simon Hania.""
The Center for Internet and Society (CIS) is a public interest technology law and policy program at Stanford Law School and a part of Law, Science and Technology Program at Stanford Law School. CIS brings together scholars, academics, legislators, students, programmers, security researchers, and scientists to study the interaction of new technologies and the law and to examine how the synergy between the two can either promote or harm public goods like free speech, innovation, privacy, public commons, diversity, and scientific inquiry.
To celebrate the one-year anniversary of the Stanford Cryptography Policy Project, we are holding an afternoon event highlighting our research and accomplishments over the past year. As our keynote speakers, it is our pleasure to welcome the Honorable Stephen W. Smith, Magistrate Judge of the Southern District of Texas, and Paul S. Grewal, former Magistrate Judge of the Northern District of California.
After a lengthy legislative process, the GDPR is finally ready. As the most significant overhaul of data privacy laws in Europe in twenty years, it will have a profound impact on Silicon Valley technology companies offering online services in Europe. The recently announced Privacy Shield will affect most US organisations that receive personal information from Europe.