Professor Hartzog is a Professor of Law and Computer Science at Northeastern University, where he teaches privacy and data protection law, policy, and ethics. He holds a joint appointment with the School of Law and the College of Computer and Information Science. His recent work focuses on the complex problems that arise when personal information is collected by powerful new technologies, stored, and disclosed online.
Professor Hartzog’s work has been published in numerous scholarly publications such as the Yale Law Journal, Columbia Law Review, California Law Review, and Michigan Law Review and popular national publications such as The Guardian, Wired, BBC, CNN, Bloomberg, New Scientist, Slate, The Atlantic, and The Nation. His book, Privacy’s Blueprint: The Battle to Control the Design of New Technologies, is under contract with Harvard University Press. He has testified twice before Congress on data protection issues.
Professor Hartzog has served as a Visiting Professor at Notre Dame Law School and the University of Maine School of Law. He previously worked as an attorney in private practice and as a trademark attorney for the United States Patent and Trademark Office. He also served as a clerk for the Electronic Privacy Information Center. He holds a PhD in mass communication from the University of North Carolina at Chapel Hill, an LLM in intellectual property from the George Washington University Law School, and a JD from Samford University.
For those who don't know it, Surprisingly Free has hosted many excellent guests, so I recommend exploring the website. If you're interested in law and technology podcasts, I also highly recommend CIS's own Hearsay Culture.
Privacy settings and other technological controls used to protect privacy have been justifiably criticized a bit lately. Danielle Citron recently blogged at Concurring Opinions about an important new study conducted by Columbia’s Michelle Madejski, Maritza Johnson and Steve Bellovin that found that Facebook’s default privacy settings fail to capture real-world expectations. The United Kingdom Government has recently indicated that browser settings alone cannot be used by Web users to give consent to being tracked online under a new EU law. The Government's rationale for this decision was that these browser settings were not flexible enough to reflect a user's true privacy preferences. The general consensus seems to be that most privacy settings simply aren't that good at protecting the actual information we consider private in a given context. I think some skepticism regarding privacy controls is warranted, particularly in light of the current technology. However, I'd like to show some support for privacy controls, or, rather, the promise of privacy controls. My hope is that that courts and lawmakers do not completely sour on recognizing privacy controls as a legitimate way to protect an Internet user's privacy.
In the past few weeks a few potential employers and schools were reported to have asked for access to the Facebook profile of an applicant or student. These reports are starting to feel like a trend. I think these requests are problematic not just for the Facebook user, but also the employer or administrator asking for access. In short, anyone asking for access to Facebook profiles and/or login credentials is asking users to betray the trust of their network and subjecting all parties involved to the potential deactivation of their Facebook account.
Website scraping, which is the bulk extraction of website information by software, is becoming an increasingly visible activity. The Lovely-Faces controversy shows how scraped information can disrupt a sense of privacy when re-published in a different context. The Lovely-Faces website, deemed “a social experiment” by its creators, re-contextualizes names, locations, and photos scraped from publicly accessible Facebook pages in a mock dating website.
Facial recognition technology, once a darling of Silicon Valley with applications for policing, spying and authenticating identities, is suddenly under fire.
Editor's note: This piece originally appeared on TechTank.
Facebook’s recent settlement with the Federal Trade Commission (FTC) has reignited debate over whether the agency is up to the task of protecting privacy. Many people, including some skeptics of the FTC’s ability to rein in Silicon Valley, lauded the settlement, or at least parts of it.
We are constantly exposed in public. Yet most of our actions will fade into obscurity. Do you, for example, remember the faces of strangers who stood in line with you the last time you bought medicine at a drugstore? Probably not. Thanks to limited memory and norms against staring, they probably don’t remember yours either.
Since the dawn of the Internet, American regulators and companies have pursued two goals to protect our privacy: that people should be in control of their data and that companies should be transparent about what they do with our data. We can see these goals detailed in the privacy policies and terms of service that we “agree” to as well as companies’ increasingly complicated systems of privacy dashboards, permissions and sharing controls.
"Another way to understand the constitutionality of revenge porn statutes is through the lens of confidentiality law. Woodrow Hartzog persuasively contends that revenge porn is a “legally actionable breach of confidence.”"
"“This is the first case I’ve seen precisely along these lines,” said Woodrow Hartzog, a professor of law at the Cumberland School of Law at Sanford University in Alabama.
“So one thing that’s interesting to me is that there’s this challenge to this image, it strikes me that there is nothing truly exceptional about a video camera as a surveillance system. But that’s not the only thing that a red light camera does. There’s an algorithm that monitors when a car has violated the law.”"
""Once a technology is adopted by the masses, it becomes much harder to regulate," Hartzog explained. As an example, he cited online tracking software like site cookies, which remains largely ungoverned. By the time groups that wanted a sharper definition of privacy got organized, the technology had already spawned thriving industries with powerful corporate support."
"Those who object to the cameras don't do so solely on the grounds of an unproven safety record. Woodrow Hartzog, a law professor at the Cumberland School of Law at Samford University, has written extensively on robotics and the law. He told Ars that one of the reasons people don’t like red light cameras is because the system “makes the entire process less transparent.”"
Solutions to many pressing economic and societal challenges lie in better understanding data. New tools for analyzing disparate information sets, called Big Data, have revolutionized our ability to find signals amongst the noise. Big Data techniques hold promise for breakthroughs ranging from better health care, a cleaner environment, safer cities, and more effective marketing. Yet, privacy advocates are concerned that the same advances will upend the power relationships between government, business and individuals, and lead to prosecutorial abuse, racial or other profiling, discrimination, redlining, overcriminalization, and other restricted freedoms.
Woodrow Hartzog, a professor at Northeastern University Law School, discusses Facebook CEO Mark Zuckerberg’s agreement to appear before the House Energy and Commerce Committee about the company’s data usage policies. He speaks with Bloomberg’s June Grasso.
Sharing passwords with a partner can be tricky. NPR's Lulu Garcia-Navarro talks with tech experts Nancy Baym and Woodrow Hartzog while Becky McDougal from Malden, Mass. shares her experience.
Watch the full video at the Energy & Commerce Committee website.
Woodrow Hartzog, Associate Professor Cumberland School of Law
See more at: http://energycommerce.house.gov/hearing/what-are-elements-sound-data-bre...