Chuck Cosson is Director, Legal Affairs, Privacy & Security, at T-Mobile US, based in Bellevue, WA. At T-Mobile, Chuck oversees privacy compliance programs and provides legal guidance on mobile Internet, location services, incident response, and other privacy, security, and business issues. Chuck spent 7 years at Microsoft leading that company’s public policy work on human rights, free expression, and child online safety. He has also worked in Washington, D.C. on telecommunications policy and regulation. His engagement with Stanford focuses on the role of metaphor as a guide for contemporary technology law and policy - a conception of the Internet not as a “place you go” but as a “tool you use.”
"Tool Without a Handle: 21st Century Privacy – A Quantum Puzzle
By Chuck Cosson on May 11, 2015 at 2:18 pm
Recent reflection has prompted me to ask if quantum mechanics might help illuminate a path towards better dialogue about the Internet and data privacy in particular. Are network technologies tools? Or landscapes? Is the Internet a tool you use or a place you go? Perhaps the networked technologies exhibit properties of both, depending on the beliefs and perspective of the observer.
I consider this question in the instance of defining "personal data," and conclude personal data exhibits quantum properties in the following ways:
1) It can be in more than two places at once, or at least appear to be. The same data element can be both “private” (treated as confidential) and “public” at the same time.
2) The trajectory of data is not always subject to the same mechanical laws of physics that allow for relatively simple predictions of motion;
3) Data are “entangled”: one data element can be influenced by another unrelated and seemingly disconnected data element, even at a distance Read more about "Tool Without a Handle: 21st Century Privacy – A Quantum Puzzle
“Tool Without A Handle”: Privacy and Regulation – An Expanded Rationale
By Chuck Cosson on December 29, 2014 at 5:25 pm
In the previous blog, I noted that the logical next step in understanding “privacy as fairness” was to examine if it is possible to identify principles that would effectively guide regulation based on "privacy as fairness." In this blog post, I observe that debate about regulations based on "privacy as fairness" should be oriented by three considerations: 1) regulations should be linked back to legitimate concerns about human emotional and physical well-being, not just abstract concepts such as "autonomy"; 2) regulations should enjoy a broad consensus as to both the harm to be addressed and the effectiveness of the proposed rule, and 3) “privacy as fairness” should not be confused with the protection of privacy as “solitude.” In this light, I note favorably regulations that are demonstrably necessary to ensure access to economic opportunity, while suggesting caution when considering official legal intervention aimed at balancing power among economic actors. Read more about “Tool Without A Handle”: Privacy and Regulation – An Expanded Rationale
“Tool Without A Handle” “Justified Regulation (Part 2 – Privacy)
By Chuck Cosson on October 4, 2014 at 3:53 pm
This blog draws a basic distinction - between “privacy” questions on one hand, and “fairness” questions on the other. I believe the “privacy” conversation is not well served when we fail to carefully distinguish “privacy” and “fairness” issues. Moreover, for much of current privacy law and policy, the debate is not really about privacy (solitude or a "right to be let alone") so much as it is about “fairness." Read more about “Tool Without A Handle” “Justified Regulation (Part 2 – Privacy)
Tool Without a Handle: "Justified Regulation"
By Chuck Cosson on September 8, 2014 at 9:24 pm
This blog post picks up (finally) on the topic of regulation – in particular to discuss cases where the issue is universally understood as worthy of regulation, so much so that variation in regulatory approaches is less desirable. One example of tool use that is worthy of sanction is the non-consensual public distribution of private, sexually explicit images, particularly of children. Questions remain, though, as to whether regulation should apply to direct actors or also to intermediaries, and what specific requirements should apply.
In this post, I suggest some core criteria that should be present whenever any regulation of tool providers is considered: 1) strong social consensus there are concrete and significant harms to be addressed; 2) strong consensus that obligations should apply equally across all intermediaries and online providers; 3) strong consensus the regulation is appropriately tailored and enforceable as a technical and practical matter. Read more about Tool Without a Handle: "Justified Regulation"
Tool Without a Handle: “Getting A Grip”
By Chuck Cosson on December 19, 2013 at 6:48 pm
In my last post, I explored how law influences use of information technology through both rules and a concomitant degree of social consensus that a particular behavior creates undue risk or otherwise warrants a response. In this post, I’ll explore this point further in the context of two areas: legal obligations regarding data security, and attempts to regulate the use of “cookies.”
My point though, is the same in both cases: effectively regulating the use of information technology tools effectively requires a degree of social consensus on critical points. Whether a moral or social obligation exists is only one of several considerations. This, in turn, points out an advantage for thinking of information technology as tools, rather than as a “space” or as a thing analogous to a sovereignty unto itself. Read more about Tool Without a Handle: “Getting A Grip”