Professor Hartzog is a Professor of Law and Computer Science at Northeastern University, where he teaches privacy and data protection law, policy, and ethics. He holds a joint appointment with the School of Law and the College of Computer and Information Science. His recent work focuses on the complex problems that arise when personal information is collected by powerful new technologies, stored, and disclosed online.
Professor Hartzog’s work has been published in numerous scholarly publications such as the Yale Law Journal, Columbia Law Review, California Law Review, and Michigan Law Review and popular national publications such as The Guardian, Wired, BBC, CNN, Bloomberg, New Scientist, Slate, The Atlantic, and The Nation. His book, Privacy’s Blueprint: The Battle to Control the Design of New Technologies, is under contract with Harvard University Press. He has testified twice before Congress on data protection issues.
Professor Hartzog has served as a Visiting Professor at Notre Dame Law School and the University of Maine School of Law. He previously worked as an attorney in private practice and as a trademark attorney for the United States Patent and Trademark Office. He also served as a clerk for the Electronic Privacy Information Center. He holds a PhD in mass communication from the University of North Carolina at Chapel Hill, an LLM in intellectual property from the George Washington University Law School, and a JD from Samford University.
According to NPR, 300 plus teenagers broke into former NFL player Brian Holloway’s vacation home, causing massive damage and showcasing their exploits on social media. In response, Holloway created a website,helpmesave300.com, that collects the alleged culprits’ social media posts. He claims this repository has enabled teens to be identified, and that the growing list of names is “being turned over to the sheriffs (sic) department to assist them to verify and identify the facts.”
Online stalking, harassment, and invasions of privacy can be incredibly destructive. Yet very little empirical data exisits regarding these incidents. This paucity of data hinders educational, support, research and policy efforts. Without My Consent, a non-profit organization seeking to combat online invasions of privacy, is conducting research to better understand the experiences of online harassment. If you are 18 or older and have experienced harassment on the Internet, please consider taking their survey.
The New Republic recently published a piece by Jeffrey Rosen titled “The Delete Squad: Google, Twitter, Facebook, and the New Global Battle Over the Future of Free Speech.” In it, Rosen provides an interesting account of how the content policies of many major websites were developed and how influential those policies are for online expression.
Co-authored with Daniel Solove.
Third-party data service providers, especially providers of cloud computing services, present unique and difficult privacy and data security challenges. While many companies that directly collect data from consumers are bound by the promises they make to individuals in their privacy policies, cloud service providers are usually not a part of this arrangement. It is not entirely clear what, if any, obligations cloud service providers have to protect the data of individuals with whom they have no contractual relationship.
Download the article from the Indiana Journal of Law.
The law of online relationships has a significant flaw—it regularly fails to account for the possibility of an implied confidence. The established doctrine of implied confidentiality is, without explanation, almost entirely absent from online jurisprudence in environments where it has traditionally been applied offline, such as with sensitive data sets and intimate social interactions.
"“I think robots are awesome,” said Woodrow Hartzog, a scholar at the Stanford Center for Internet and Society who specializes in human-robot interactions. “They can be the next great tool for human flourishing, but they can also be programmed to be machines of deceit and manipulation.”
"“Are these sites exacerbating an already harmful situation. Yes,” said Woodrow Hartzog, a privacy law expert at Samford University. “But that doesn’t mean they should lose immunity.”
Section 230, he said, still provides important protections that keep the internet the free, open place that it is. “Twisting” laws like stolen property to keep information offline, he said, threatens the internet ecosystem.
"“Often when you have numerous complaints saying the same thing, where there’s smoke, there’s fire,” said Woodrow Hartzog, a professor at Samford University’s Cumberland School of Law."
"Many different existing legal regimes will be able to competently address problems posed by robots without having to settle on a standard definition,” Woodrow Hartzog, an assistant law professor with a specialization in robotics at Samford University, told me. “However, robots might also present new challenges that require new rules. If those rules are going to be limited to certain technologies, the decision will have to be made as to whether a definition of what a robot is will be necessary.”"
Solutions to many pressing economic and societal challenges lie in better understanding data. New tools for analyzing disparate information sets, called Big Data, have revolutionized our ability to find signals amongst the noise. Big Data techniques hold promise for breakthroughs ranging from better health care, a cleaner environment, safer cities, and more effective marketing. Yet, privacy advocates are concerned that the same advances will upend the power relationships between government, business and individuals, and lead to prosecutorial abuse, racial or other profiling, discrimination, redlining, overcriminalization, and other restricted freedoms.
‘Read Me’ Or Just Tap ‘I Agree’
There’s a huge group of people at work behind our screens. They’re called behaviour architects, persuasive designers or user-experience specialists and the power they have is massive.
That urge to keep swiping through your twitter feed? That’s design. The way we all click ‘I Agree’ to the terms and conditions? That’s design. Swiping right or left on Tinder? Well, that’s design too.
We live in an online world of someone else’s making and most of us never even give it a second thought. And actually, that’s design as well.
Speaking before the audience at the recent IAPP Data Protection Congress in Brussels, keynoter Woody Hartzog made a challenging assertion: "Control is the wrong goal for privacy by design, perhaps the wrong goal for data protection in general." But isn't control a central tenet of good privacy? It sure is. But it shouldn't be, the author of "Privacy’s Blueprint: The Battle to Control the Design of New Technologies" argued. While everyone emphasizes "control" of personal data as core to privacy, too much zeal for control dilutes efforts to design information tech correctly.
Design is one of the most important but overlooked factors that determines people’s privacy. Social media apps, surveillance technologies, and the Internet of Things are all built in ways that make it hard to guard personal information. And the law says this is okay because it is up to users to protect themselves ― even when the odds are deliberately stacked against them.
Our modern privacy frameworks, with their emphasis on gaining informed consent from consumers in order to use their data, are broken models. That's according to Woodrow Hartzog, a law professor at Northeastern University in Boston. In this episode of The Privacy Advisor Podcast, Hartzog discusses the ways that, given such models, technologies are designed at the engineering level to undermine user privacy.
Recently 50 million Facebook users had their personal information extracted and used for political and commercial purposes. In the wake of this scandal, we’ve all become much more aware of how our use of social media clashes with our desire for privacy. Are technical fixes and awareness enough, or is it time for Facebook and other online services to be regulated? Our guest Woodrow Hartzog is a professor of law and computer science at Northeastern University and discusses the battle and future of our personal information.