Rostow-What Happens When An AcquaintanceBuys - U - Data-2017 PDF

Acquaintance Buys Your
What Happens When an Acquaintance

Data?: A New Privacy Harm in the Age of Data
Brokers
Theodore Rostow t
Data brokers have begun to sell consumer information

se/1 consumer individual
information to individual
track the activities ooff romantic interests, professional
buyers looking to trae/e professional
contacts, and other people avai lable.for
people oo.ff interest. The types oo.ff data available consumer
fo r consumer
purchase
purchase seem likely
!ikely to expand
expand over the next few few years. This trendtrend invites the
emergence pr ivacy harm, “relational
emergence ooff a new type ooff privacy in.fluence
contro l "- the influence
"relational control"—the
that a person another in their social
person can exert on another netJ.vorks
professional networks
social or professional
using covertly acquired
acquired private
prívate information.
privacy laws do not protect
U.S. privacy
U.S. consumers from
protect consumers possibility oo.ff
from the possibility
relational control. Moreover, few
relational few scholars
scholars have proposed reforms broad
proposed re.forms
enough to address this problem. This Note surveys frameworks which
surveys two frameworks
provide starting point, and considers
provide at least a starting doctrinal shifls
several other doctrinal
considers severa! shifts
that might limit consumer vulnerab ility.
consumer vulnerability.
Introduction....................................................................................................
lntrod uction ....................... ........... .............................................................. 668
ConsideringaaNew
A. Considering NewPrivacy
PrivacyHarm Harm.....................................................670
...... ......................... ........ 670
l.I. The Data
Data Broker
Broker Ind
Industry
ustry and the Market Market for Buying Peop People’s Data ....673
le's Data .... 673
Expansive U.S.
A. An Expansive U.S. Broker
Broker lndustry .............................................
Industry ........... ...... ....... .......... .......... 674
674
Data Sales
B. Data Sales to Individual
Individual Consum Consumers ers ...........................................
........ ............. ..................... 675
675
II. Gaps in U.S. Commercial
IJ. Commercia l Privacy Law L aw ...............
.................................................
........... ...................... 676
676
A.. Statutory
A Statutory Privacy
Privacy Protections
Protections in the Commerc Commercial ......... 676
Sphere ..........
ial Sphere 676
Limitations on Privacy
Judicial Limitations
B. Judicial ........ ........ .......... ...... 679
Protection .................................679
Privacy Protection
C.
C. Agency
Agency Regu
Regulation
lation oo/Data Transactions ....................................
f Data Transactions ................. ......... ....... ..680
D. Contractual Restrictions on the Sale ooff Digital
Contractual Restrictions Information ..... 682
Digital lnformation
III. The Threat
Threat ofof Relationa
Relationall Control...........................................................
Control... ............................ ....... ........ ...........682
A. lnformationa
Informationall Asymmetries
Asymmetries as Toolsfor Tools fo r Social Influence .........
Social ln.fluence .......... 683
683
B. Factors
Factors that Suggest
Suggest PrivatePrivate Consumer Information Will Be
Consumer lnformation
Available for Individua
Ava ilab lefor Individuall Purchase
Purchase ....... ...............................................685
.................................... ..685
IV. Existing Proposals Fai
Existing Proposals Faill To Remedy
Remedy Re Relational Control......................
lationa l Contro l .................. ....690
690
Broker lndustry
A. Broker Reforms ................................................................691
Industry Reforms ................... ..... ..... ..... ......... .................. 691
Reforms
B. R fo r Information
eforms for lnjorma tion Services Services .................................................692
............................................... 692
+t Special
Special thanks
thanks are owed
owed to Amy Chua, Frank Pasquale,
Clrna , Frank Joseph Falvey,
Pasqua le, Joseph Falvey, Christopher
Christopher
Pagliarella,
Paglia rella, Paul Henderson,, Mik
Pau l Henderson Mikhail
hail Guttentag,
Guttentag, Matthew
Matthew Mi Milano,
lano , Daniel
Daniel Read.
Read, Muira McCammo n, and
Mu ira McCammon,
Rebecca
Rebecca Crootof
Crootof and the YaleYate Information
lnformation Society
Society Project,
Project , as well as to co Inho
lnho Andrew Mun,, Jenna
Andrew Mun Jenna
Pavelec,
Pavelec , Richard
Richard Frolichstein.
Frolic hstein, Lauren
Lauren Hobby,
Hobby , and the
che intrepid editors of
intrepid editors Journal on Regu
the Yale Journal
ofthe lation .
Regulation.
667
Y ale Journal
Yale Journal on Regulation
Regulation Vol. 34, 2017
C. Privacy-Enhancing
C. Privacy-Enhancing Consumer Consumer TechnologiesTechnologies ...............................
............................. 694
V. “Information
"lnformation Fiduciaries"
Fiduciaries” and and “Sensitive
"Sensitive Data": Data” : Promises
Promises and
Limits
L ...............................................
im its.............................................................................................................
.... ............. .................................... 695
A. Two Approaches
Approaches to Consumer Consumer Protection Protection ....................................
.................................. 695695
Sensitive Data and Relational
B. Sensitive Relational Control: Novel Novel Protections
Protections
Conceptual Gaps.......................................................................
and Conceptual ......... ..................... .............. ..................... 696
C. lnformation
C. Information FiduciariesFiduciaries and Relational Relational Control: A
Theoretical
Theoretical Path To Improve lmprove Sale and Storage Practices Practices.........698
......... 698
VI. Doctrinal Recornmendations
Doctrinal Recommendations in Light Light o off Relational
Relational Control................700
Control. .............. 700
A. Congressional
Congressional Privacy Privacy ReformsReforms .....................................................
................................................. 701
B. Privacy Torts Reconsidered Reconsidered .............................................................
.............. .......................................... 702
C. Balkin and Ohm Frameworks
C. Frameworks as Ex Post Protections Protections ................
............... 705
D. Privacy
Privacy Opt-ins fo forr Data Sale Sale .........................................................706
.................................................... 706
Conclusion
C .................................................................................................
onclusion..........................................................................................................706 706
Introduction
lntroduction
lt has become
It become easy to purchase
purchase data on those those in one’s
one's social
social or
professional networks.
professional networks. For For example,
example, $23 can buy a person’s person's contact
contact
information and age,
information agc, organizational
organizational memberships,
mcmbcrships, links to social social media
media
1
accounts, business
accounts, bu iness interests,
interests, and known
known associates.1
associates. While
While at first glance
glance these
types may not appear
data types appear dangerous,
dangerous, consumer
consumcr privacy
privacy law offers
offers remarkably
remarkably
restrictions on what
few restrictions what data can be sold to consumers.
consumcrs. Where
Wherc profit
profit can be
1-.ad, a market
had, market is likcly
likely to follow,
follow, expanding the types
expanding typcs of data available
availablc and
creating new avenues
creating avenues for privacy
privacy abuse.
abuse.
***
* * *
Imagine that you are about

Imagine about to interview
interview someone
someone who has appliedapplied for a
position at your
position your company.
company. The person
person does not have
havc a perfect
perfcct background,
background, but
tbe candidate
the candidate seems
seems like an excellent
excellent fit. During
During the interview,
interview, you find you
sr.are many
share common interests—from
many common interests-from favorite
favorite television
television shows
shows to the websites
websites
every morning.
you read every morning. She Shc shares
shares your
your political
political sensibilities
sensibilitics and your
your
concerns about
concerns about the future.
future. You
You recommend
recommend her enthusiastically
enthusiastically for the position,
position ,
and she is hired on your
your recommendation.
recommendation. What What you do not know,know, however,
howevcr , is
that her personal interests
her personal intcrests and opinions
opinions were
werc entirely
entircly feigned.
fcigncd. She simply
simp ly
purchased records of your
purchased records your online
onlinc activity—the
activi ty- the data showing
showing what
what you
yo u read and
your
your recent
recent purchases.
purchases.
* * *
***
l.
1. example, a premium search from eVerify’s
For example, cVerify's people search
scarch costs $19.95 after a
$2.95 charge for a five-day trial. e.g .. Report Summary,
tria!. See, e.g.. S11111111ary,
EVERIFY(last
EVERIFY (la~t visited May 5,5 , 2017),
2017).
hup: //www .everi fy .com/sclection .php?searchType=name&fi rstname= Theodorc&lastname=Rm,tow&sta
http://www.everify.com/selection.php?searchType=name&firstname=Theodore&lastname=Rostow&sta
te=CT. This Note
te=CT. ote does
<loes not endorse this (or any other)
othcr) service
servicc as an effective
cffective way to purchase
purchase consumer
consumer
da :a.
data.
668
668
A New
New Privacy
Privacy Harm
Harm
Consumers’ access
Consumers' access to the private prívate online
online activity
activity of their pcers may seem
their peers
far-fetched, but it is an increasingly
far-fetcbed, increasingly comrnoncommon problem.
problem. In India,, for example,
ln India example,
consumers can
consumers can buy a person
person’s purchase history
's purchase from websites
history from websites like eBay eBay and
Amazon." In China,
Amazon.2 China, joumalists
journalists have have reported
reported buying
buying individuals’
individuals' GPS data, data ,
bank balances,
bank balances, hotel and room information
hotel and information (with
(with screenshots
screenshots of the room),
room), and
3
internet activity
internet activity for roughly
roughly 700 yuan, yuan, or $101 While there are no
USD.' While
$1 O1 USD.
reports of
reports of these data types
these data types being available for purchase
being available purchase in the United
United States,
States, the
U.S. economy
U.S. economy includes
includes thousands
thousands of of data brokers—companies
brokers - companies “whose primary
"whose primary
business
business is collecting personal information
collecting personal information about
about consumers
consumcrs from a varietyvariety of
sources
sources and aggregating,
aggregating, analyzing,
analyzing, and sharing sharing that information,
information, or
4
information
information derived
derived fromfrom it”2
it" 3
4-t
56— that sell personal
hat sel! personal data to a diverse array of
diverse array
actors.
actors.
2014, the Federal
In 2014, Federal Trade
Trade Commission
Commission (FTC)(FTC) published
published a study
study of the
commercial practices
commercial practices of of nine data data brokers
brokers documenting
documenting the breadth
breadth of theirtheir
data collection.
data collection. Acxiom,
Acxiom, one of of the largest
largest data brokers,
brokers , acknowledges
acknowledges that it
6
average of
has an average of over
over 3000
3000 data segments"5 on every
data segments every U.S. consumer/’
consumer.
Datalogix,, a broker
Datalogix broker that provides
provides data data to businesses spending of nearly
businesses on the spending nearly
every U.S. household,
every U.S. household, has collected
collected data on more than one trillion trillion dollars
dollars in
7
consumer spending.
consumer spending.7 8In the aftermath
aftermath of of the FTC
FTC report,
report, several
severa! journalists
journalists
have explored this
have explored this self-regulated industry, 8 finding
self-regulated industry,*' finding it expansive profitable. 9
expansive and profitable.1
22.. Aritra Sarkhel

See Aritra Alawadhi, How Your Personal Data
Sarkhel & Neha Alawadhi, Se/Is Cheaper
Data Sells 1ha11
Clieaper than
Chewing Gum: How lndia India’s
's Fast-Growing
Fas1-Growi11gData /11d11s1ry
Dala Brokerage Industry Is Selling /11/ormc11io11
Selli11gPersonal Information
Cheaply to 10 Anyone Who Ash, and Wlzy
Asks, a11d that's Dangerous.
Why 1hca's Dangerous, ECONOMICTIMES
ECONOMICTIMES(Feb. 28, 2017),
28. 2017),
http://tech.economictimes.indiatimes.com/news/internet/how-your-personal-data-seils-cheapei-than-
http ://tech .eco nom icti mes .ind iat imes .com/new s/ internet/h ow-you r-person a 1-da ta-se 11s-chea per-than-
chewing-gum/57380518
chcw [hereinafter /11dia
ing-gum/573805 l 8 [hereinafter 's Brokerage lndus1ryl.
India's Industry].
3. See Personal Data Is up fo
Persona! Dala forr Sale in China, N.Y. 2017, 2:55 PM)
POST (Jan. 66,, 2017,
N .Y . POST
[hereinafter
[hereinafter Personal Data],
Da1al, http://nypost.com/2017/01/06/personal-data-is-up-for-sale-in-china;
http://nypost.com /2017/01/06/personal-data-is-up-for-sale-in-china; Rao Li
Dong & Li Ling, Ling, Soulhern
Southern Repor/er
Reporter 700 Yuan Yua11To Buy Colleagues on 011 the lncl11di11g
Whereabouts, Including
1/ie Whereabouts, 1he
the
Opportunity
Opport1111ity To Open Rooms, Internet Ca/es
Rooms, llllernel O1her II
Cafes and Other Records, SOUTHERN
11 Records. METROPOLISD. (Dec.
SOUTHER METROPOLIS
12, 2016),
2016), http://epaper.oeeee.eom/epaper/A/html/20l6-12/12/content_103959.htm
http: //e paper.oecee .com/epaper/A/html/20 16-12/ 12/content_l 03959.htm (original
(origi nal in
in
Mandarin).
Mandarín).
4.
4. FTC Data Daw Brokers: A Cal/ Call Jor Accou11tabili1y,FED. TRADE
fo r Transparency and Accountability, TRADE
COMMISSION
COMMISS ION 3 (May 2014), 2014), http://www.ftc.gov/system/files/documents/reports/data-brokers-call-
http://www.ftc.gov/system /files/documents/reports /data-brokers-call-
transparency-accountability-report-federal-trade-commission-may-2014/140527databrokerreport.pdf
transparency-accountabi I ity-report-federa 1-trade-co mmi ssion-may -20 l 4/ l 40527databrokerrepo1t .pd f
[hereinafter FTC Data
[hereinafter Brokers],
Dcaa Brokersl.
5. Data segments
segments are co consumer categories derived
nsumer categories derivcd from a data (such as a consumer's
cons umer's
marital status,
marital stat purchases, and attenclance
us, vehicle purchases, attendance at baseball
baseball games) and subseq ucnt inferences that are
subsequent
based on that data.
data. An examp
example of a data segment
le of segment is the category "Soccer Moms,”
category "Soccer "might include
wh ich “might
Moms," which
all women
ali women between
between the ages of 21 and 45, with chi children,
ldren , who have purchased sporting goods within the
purchased sporting
yearsl -1"Id. at 19.
last two years[.l” 19. The nine brokers
brokers the FTC stud studied so ld both actual and derived
iecl sold derived data to
Id.
buyers.. Id.
buyers
66.. segments are consumer
Data segments consumer categories
categories derived
derived from a data (such as a consumer's
consumer's
marital status,
status, vehicle purchases, and attendance
vehicle purchascs, attendance at baseball
baseball games) and subsequent inferenc es that are
subseque nt inferences
based
based on that data.
data. Examples
Examples of data data segments
segments include
include “Soccer
"Soccer Moms,”
Moms," which, examp le, might
which, for example,
include all women
include ali women between
between the ages of of 2211 and 45,
45, with children,
chi lclren, who have purchased
purchasecl sporting
sporting goods
within the last two years.”
ycars." Id.Id. at 8.
7. Id. at 9.
Id.
8. See, e.g., Paul Boutin,
Boutin , The Secrelive
Secretive World Selli11gData
World ooff Selling Abolll You,
Dala About You. NEWSWEEK
NEWSWEEK
(May 30, 20 2016), http://www.newsweek.com/secretive-world-selling-data-about-you-464789;
16), http://www.newsweek.com/secretive-wor ld-sclling-clata-about-you-464789; Steve
Kroft, The Data Brokers: Selling Your
Kroft, ormmio11, CBS N
!11f
Your Personal Information, (Ma r. 9, 22014),
e w s (Mar.
NEWS 0 1 4 ),
http://www.cbsnews.com/news/the-data-brokers-selling-your-personal-information;
http: //www.cbs new s.co m/news/the-daca-brokers-sel ling-your-persona l-inform ation : see also Da1a
a/so FTC Data
669
669
Y ale Journal
While most brokers

While brokers generate
generate profits
profit by selling
sclling data to commercial
commercial entities,
entities,
many have begun to generate
many generate significant
significant revenue
revenue by also selling
sclling data to
individual consumers. 10 Of the nine firms the FTC studied
individual consumers."' studied in 2014,
2014, three
offcred these services
offered scrviccs and together
together generated
gencrated more than $52 million
million in annual
revcnue. The data products
revenue. products they sold old were
werc designed
designcd primarily
primarily for individual
individual
consumers, who use the
consumers, thc “products
"products for such purposes
purposc as tracking
tracking the activities
activities
executives and competitors,
of executives competitors, fmding
finding old friends,
fricnds, researching
rcsearching a potential
potential love
11
interest or neighbor,
interest ncighbor, networking,
nctworking, or locating
locating court records.”
rccords." "
While a growing
While growing number
numbcr of privacy
privacy scholars
scholars have written
writtcn on thethc data
12
brokcr industry,1
broker industry, 3 this Note is the thc first to consider
consider the implications
implications of an
unregulated data market
unregulated market that allows
allows individual
individual consumers
consumers to purchase
purchasc
information about others without
information about others without theirthcir knowledge
knowlcdge or consent.
conscnt.
Considering a New Privacy

A. Considering Privacy Harm
Over the past two decades,

Over dccadcs, privacy
privacy law and scholarship
scholarship have been prepre-
occupied by a central question:
occupied qucstion: what
what is the
thc harm in a privacy violation? 13
privacy violation?1’
Courts require
Courts require plaintiffs
plaintiffs to show
show a concrete,
concrete, particular
particular harm before
bcfore they
thcy will
14
recognize a privacy
recognize privacy violation.1
violation. 4 This legal requirement
requiremcnt has led privacy
privacy scholars
scholars
Brokers, supra note 4, at 17 (describing (describing self-imposed

·clf-imposed contractual
contractual protections
protecrions that some brokers brokers
unilaterally adopt).
unilaterally adopt).
9. See, e.g., Emily Steel, Fi11a11cial
Steel, Financial Worth ooff Data
Worth Dalll Comes in i11at Under
U11dera Penny
Pe1111y a Piece,
FIN. TIMES
FIN. TIMES (June(Junc 12, 2013. 2013, 8:11 8: 11 PM),
PM) . http://www.ft.eom/intl/cms/s/0/3cb056c6-d343-l
http: //www.f t.com / intl/cms /s/0/3cb056c6- d343-1 Ie2-b3ff- l e2-b3ff-
00144feab7de.html (describing
00144feab7de.html (clescribing how the thc “multibillion-dollar
'·multibillion -do llar dataelata broker
broker industry
industry profits
profits on the
thc trade of
thousands of details
thousands cletails about
about individuals
indivicluab ... f, which]which l often
often are sold for a fraction
fraction of a penny
penny apiece.”).
apiece.").
10.
10. FTC Data Brokers,
Brokers,ssupra upra note 4. at at34.34.
11. Id.
11. Id .
12. Rebecca Lipman,
See, e.g., Rebecca 011/i11e
Lipman , Online Privacy and the Invisible Market fo forr Our Data,
:20
.20 PENN S ST.
t . L. RREY.
e v . I777,788 (2016): Amy J. Schmitz,
l l , 788 (2016); Schmitz. Secret Consumer
Consu111erScores Seores and Segmentations:
Seg111e111arions:
Separmi11g “Haves"
Separating "llav es" from
Jrom “Have-Nots",
"/lc11•e-Nors", 2014 MICH. MICH. ST. L. REV. REY. 1411; David David C. Vladeck,
Vladeck, Consumer
Co11su111er
Prorecrion in an
Protection a11Era ooff Big Data Data Analytics, 42 OHIO ÜHIO N.U.
N.U . L, L. REV.
REY. 493,493. 498 (2016);
(2016): Ashley
Ashley Kuempel,
Kuempel.
Comment. The Invisible
Comment, lnl'isih/e Middlemen:
Middleme11:A Critique and a11dCall
Cal/ foforr Reform ooff the Data Daw Broker Industry.
lndusrry. 36
Nw, J. INT’L
Nw. INT'L L. & & Bus.
Bus. 207207(2016).
(2016).
13. See, e.g., M. M . Ryan Calo. Boundariesof
Calo. The Boundaries o f Privacy Harm.flarm,86 8 6 IND. L.J. 1131, 1132
l D.L.J.l131,1132
(201 1). The focus on digital
(2011). digital privacy's
privacy's harm has evolved, evolved, at least partially,
panially. in response
respom,e to early critiques
critiques
L1at digital
fiat digital privacy
privacy interests
interests were economically
economically inefficient
inefficient or could
could not be rooted rooted in viable constitutional
com,titutional
claims. See. e.g.,
claims. See, e.g., Robert
Roben H. Bork, The Right Righr to ro Privacy:
Pril'llcy: The Construction
Consrrucrio11ooff a Constitutional
Co11stirwio11a/ Time
Time
Bomb, in i11 PRINCIPLES
PRINCIPLESOF CONSTITUTIONAL
CONSTITUTIO AL INTERPRETATION
INTERPRETATION311 31 l (1990);
( 1990); Richard
Richard A. Posner,
Posner , The
Economics ooff Privacy, 71 A AM.m .E co n . R
ECON. ev . 405 (1981).
REY. ( 1981 ).
14.
14. See, e.g., Spokeo
Spokeo v. Robbins,
Robbins , 136 S. S . Ct. 1540 (2016)
(2016) (vacating
(vacating and remanding
remanding the
Circuit for ‘‘elidfingl
9th Circuit "e lid!ingl independent
inclependent 'concreteness'
·co ncretcness ' requirement”
requirement ·· in its injury-in-fact
injury-in-fact analysis);
analysis); see also
a/so
!.1 re Google,
In Google, Inc.lnc. Privacy
Privacy Policy
Policy Litigation,
Litigation , Case
Case No. C-12-01382-PSG,
C-12-01382-PSG, 2013 WL 6248499, 6248499, at *3 (N.D.
Cal. Dec. 3, 3 . 2013) (dismissing
(dismissing plaintiffs’
plaintifü · complaints
complaints against
against GoogleGoogle for compiling
compiling personally
personally
identifiable information
identifiable infonnation across across different
different Google
Google services,
services, because
because plaintiffs
plaintiffs failed
failecl to meet
meer Article rn
Article III
standing requirements
standing requirements by showing howing “(1) "( I) [plaintiff)
fplaintiffl has suffered
$Uffered an ‘injury
'i njury in fact'
fact' that is (a) concrete
concrete and
particularized and
particularized ancl (b) actual or imminent, imminent, not conjectural
conjectural or hypothetical;
hypothetical: (2) the injury is fairly
traceable to the challenged
traceable challcngcd action action of the lhe defendant;
defendant; and ancl (3) it is likely,
likely , as opposed
opposecl to merely
merely speculative,
speculative,
rhe injury will be redressed
that the redre ssed by a favorable
favorable decision”);
decision"): see also a/so Calo,
Calo. supra note 13, 13. at 1132 ("A
p-ivacy harm must
privacy mu,r be ‘cognizable’,
·cog nizable '. ‘actual,’
'ac tual.' ‘specific,’
'specific.' ‘material,’
' material.' ‘fundamental,’
•fundamental.· or ‘special’
'specia l' before
before a
court will consider
court consider awarding
awarcling compensation.”).
compensation.'').
670
670
A New Privacy Harm
15
to devote considerable encrgy
energy to idcntifying
identifying (or dismissing)) 15 the harms that a
(or dismissing
16
violation of privacy can cause.
cause.1'’
17
17
Scholars have mapped privacy harms that flow from the collection,
aggregation
aggregat1on, 1suse
. , 18 19and
use,, 14 .
d.1ssemmation
and dissemination . 20 f
20 of
d. . ¡ . e
1g1ta mtonnat10n.
o digital · 21 Th
information/ 1 These b arms
ese harms
15. See, e.g., STEWART

STEWART A. BAKER, SKATING ON STILTS:
BAKER, SKATING STILTS: WHY WE AREN'T AREN’T STOPPING
STOPPING
Tomorrow ’s T
T0MORR0W'S errorism (2010);
TERRORISM (2010); A mitai E
AMITAI tzioni .T
ETZIONI, L imits 0F
he LIMITS
THE of P PRIVACY
rivacy (1999); Richard A. Posner,
(1999); Richard
Privacy, Surveillance,
S11rveil/a11ce, and Law.law. 75 U. CHI. Cl-11. L. REV.
REV. 245, 25 1 (“Privacy
245, 251 tcrrorist 's best friend
("Privacy is the terrorist’s
").
...... . . ”).
16. For examp
example, le, Daniel Solove
So lovc sought
sought to map
map all ali privacy harms that can be connected
privacy harms connected
to digital
digital activity.
activity. See Daniel
Daniel J. Taxonomy ooff Privacy, 154 U.
Solove, A Taxo110111y
J. Solove, U. P a . L. REv.
PA. 477. 482 (2006)
R ev . 477, (2006)
(providing
(providing a “comprehensive
"co mprehensive and concrete” concrete" de description
scription of harms associated
of harms information collection,
associated with information collection,
processing,
processin dissemination,, and
g, dissemination and intrusion). Recent scholarship
intrusion). Recent scholarship has built especially with
efforts, especially
built on his efforts,
respect
respect to the discriminatory
discriminatory implications
implication s of of "big data." See e.g
·'big data." e.g.,., Schmitz,
Schmitz, supra note 12; see also a/so
Kuempel,
Kuempcl, supra note 12, at 207 (underscoring (underscor ing the thc discriminatory impli ca tions of data
discriminatory implications commod itizat ion) .
data commoditization).
In a 2015 2015 article
article surveying
surveying the historyhistory of of privacy
privacy regulation
regulation in the United State s, Maur
United States, Maureen Ohlhau se n
ee n Ohlhausen
and Alexander
Alcxander OkuliarOkuliar conclude
conclude that inquiries
inquiries into the type typc and scope scope of harm, hann , along with the
possibility
possibility of of remedy,
remcd y, remain
remain the best bcst way to determine
determine how legally to respond
how legally respond to a privacy concern. See
privacy concern.
Maureen
Maurecn K. Ohlhauscn Ohlhausen & Alexander
Alexander P. Okuliar, Co111petitio11,
Okuliar , Competition, Co11s11111er Protecrion, and The
Consumer Protection, The Right
lApproach] to Privacy
/Approachj Privacy,, 80 A ntitrust L.J. 121.
ANTITRUST 121, 153-55 (2015). Neverthcless , sorne
(2015) . Nevertheless, some privacy scho lars
privacy scholars
consider
consider the harms harm s related
related to privacy
privacy violations
violations to be thoroughly mappcd , and
thoroughly mapped, and some scholars have
sorne scholars
looked
looked to move move away from a focus
away from focus on privacy
privacy harm. See Paul Ohm, lnformation, 88 S. CAL. L.
Ohm, Sensitive Information,
REV.
REV. 1125, 1125, 1164-65
1164-65 (2015)
(20 15) (providing
(providing exampexamples les of scholars moving away
scholars moving away from a focus privacy
focus on privacy
harm).
harm).
17. See, e.g.. Julie E. Cohcn,
e.g., Julie Cohen, Examined Lives: Informational /ormational Privacy and
/11 cmd the Subject
as Object, 52 STAN. STAN. L. R ev . 1373, 1426 (2000);
REV. (2000); Paul M. Shwartz, Shwartz. Privacy and a11d Democracy in
Cyberspace, 52 VANO. V a n d . L. REV.
R ev . 1609, 1656 (1999); (I 999); Solove,
Solove , supra note 16, at 493 ("Not on ly can
("Not only direct
ca n direct
awareness
awareness of of surveillance
su rveillance makemake a personperson feel
fcel extremely
extremely uncomfortable,
uncomfo,table , but it can also cause cause that person
person
to alter her behavior.
behavior . .... . . Iead[ingl
lead[ingl to self-censorship
self-censorsh ip and inhibition.”).
inhibition.").
18. See, e.g..
e.g., Big Data: A Report on 011Algorithmic Systems, Opportunity, Opport1111i1y , a11d
and Civil
Rights, E xec .
EXEC. O
ÜFFICE
ffice PRESIDENT
president (May
(May 2016),
2016),
http://www.whitehouse.gov/sites/default/files/microsites/ostp/2016_0504_data_discrimination.pdf;
http: //www. whitehouse .gov/sites/dcfaul t/fi les/m icrosites/ostp/20 16_0504 _data _discrim ination .pdf ;
Daniel JJ.. S
DANIEL olove , T
S0LOVE, heD
THE igital P
DIGITAL erson : T
PERS0N: echnology ANO
TECHNOLOGY Privacy in
and PRIVACY IN THE Information AGE
the lNFORMATION Age 1-10
(2004)
(2004) (describing
(descr ibin g the tailored “digitall dossiers"
tailored '•digita dossiers” that are co collected
llected and how this can be harmful lrnrmful in the
context
contcxt of government
government access access to information); Raymond Daniel
information); Raymond Daniel Moss,
Moss. Note, Enforcemellf
Note , Civil Rights Enforcement
in the Era oo/f Big Data: Dara: Algorithmic Discrimination and the Computer Co111p11ter Fraud and Abuse Act, 48 COLUM. COLUM.
HUM.
HUM. R ts . L. R
RTS. ev . (forthcoming
REV. (forthcoming 2017). 2017).
19. See, ee.g.. Balkin , l11for111a1ion
Jack M. Balkin.
.g., Jack Fiduciariess and the First Amendme11t,
Information Fid11ciarie Amendment, 49
U.C. D avis L. R
DAVIS ev . 1183 (20
REV. (2016);
16); Jonathan Response, Engineering a11
Zittrain, Response,
Jonathan Zittrain, an Election: Digital
Gerrymandering
Gerryma11deri11gPoses a Threat to Democracy, 127 H a RV. L. R
HARV. ev . F. 335,
REV. 335, 335-36 (2014),
335-36 (2014),
http://harvardlawreview.org/2014/06/engineering-an-election;
http:/ /harvardlawreview.org /2014 /06/e ngineering -an-election ; Bruce Schneier, Schncier, Why Uber's ‘God View'
'God View’
Is Creepy, CNN CNN (Dec. (Dec. 44,, 20 2014,
14, 8:03 AM), AM) , http://www.cnn.com/2014/12/04/opinion/schneier-uber-
http ://www.cnn.com/20 14/12/04/opinion/schneier-uber-
privacy-issue;
privacy-i ssue; Jonathan Zittrain, Facebook Could Decide an Election
Jonathan Zittrain, A11yo11
Witho11tAnyone
Electio11Without Fi11di11
e Ever Finding Out,
g Out,
NEW REPUBLIC
NEW REPUBLIC (June (June 1, 20 2014),
14), http://www.newrepublic.com/article/117878/information-fiduciary-
http: // www.newrepublic.com /a rticle/117878 /information-fíduciary-
solution-facebook-digital-gerrymandering.
so lution -facebook-d igital -ge rrymandering.
20. In
ln recent
recen! we well-publicized
ll-pub licized instances, commerciall entit
instances , both commercia entities hackers have
ics and hackers
used the threat thrcat of dissemination
dissemination to try to extort extort concessions
concess ions from individuals. Balkin , supra note 19,
individuals. See Balkin, 19,
at 1187-94
1187-94 (describing
(describing Uber’sUbcr's efforts
effo rts to “dig
"dig up dirt”dirt" on a critical
critica l Buzzfeed
Buzzfced reporter);
reponer); Laurie Segall ,
Laurie Segall,
Ashley Madison Users Now Facing Extortio11, CNNMONEY (Aug.
Facing Extortion, (Aug. 21 21,, 2015,2015, 7:00 PM), PM),
http://money.cnn.com/2015/08/21/technology/ashley-madison-users-extorted.
http: //mo ney.cnn.com/2015 /08/2 1/technology /as hley-madison-users -ex torted.
21. See, ee.g.,
g ., Solove,
So love, supra note 16, at 492-94 (providing a '·comprehensive
492-94 (providing “comprehensive and
concrete” description of harms
concrete·· description harms associated
associated with information
information collection,
collcction, processing,
processing , dissemination,
dissemination. and
intrusion);
intrusion); see a/so also TI·IE
THE WHITE
WIIITE HOUSE, Consumer Data Privacy in a Networked World: World: A Framework
For Protecting Privacy and a11d Promoting Innovation lnnovation in the Global Digital Economy (2012), (20 12),
http://www.whitehouse.gov/sites/default/files/privacy-final.pdf;
http ://www.w hitehou se .gov/s ites/default /files /privacy-final.pdf; FED.
FEO. TRADETRAOE COMM'N, Pro1ec1i11
C0MM 'N, Protecting g
Consumer Privacy in an Era ooff Rapid Change: Recommendations Reco111111enda1io11s Jor B11sinessesand Policymakers
fo r Businesses
(2012),
(20 12), http://www.ftc.gov/sites/default/files/documents/reports/federal-trade-commission-report-
http:/ /w ww.ftc .gov/s ites/defaul t/fi Ies/documents /repons /federal-trade-commission-report-
protect ing-con su mer-pri vac y-era-rap id-cha n ge- recom mendati on si 120326pri vacyreport.
protecting-consumer-privacy-era-rapid-change-recommendations/120326privacyreport.
671
671
Journal on Regulation
Yale Journal Regulation Vol. 34, 2017
22 22
range from less tangible—
range""’ tangible-including
including ill easecase or anxiety
anxiety at the prospect
prospcct of
being constantly monitored 23 (which
constantly monitored23 (which can also lead sel f-censorship 24),
lcad to self-censorship24),
consumer manipulation
consumer manipulation companies, 25 and voter
by companies,25 votcr manipulation
manipulation by
26 27
campaigns -toto more tangible
campaigns20— tangible harms,
harms , such
sucb as blackmail27
blackmail stalking. 28
and stalking.2*
Idcntified harms also manifest
Identified harms manifest in social sorting discrimination, 29 an
sorting and discrimination,29
30 31
incrcascd vulnerability
increased vulncrability to cyber attacks,30 and identity
cyber attacks, idcntity theft.3
theft. 1
Scholarship that has analyzed
Scholarship analyzed the
thc privacy
privacy implications
implications of the data broker broker
industry discuss
industry discuss harms
harms parallel
parallel to those that Daniel
Daniel Solove
Solove and others
othcrs have
previously identified.
previously identified. David Vladeck’s
Vladeck's analysis
analysis of the broker broker industry
industry
highligbts three
highlights thrcc privacy
privacy harms—
harms-identity
identity theft
thcft (the most urgent),
urgent), data breaches,
breache ,
and the
thc unrestrained
unrestrained collection
collcction of sensitive,
scnsitivc, personal data. 32 Rebecca
personal data.32 Lipman’s
Rebccca Lipman's
work underscores
work underscores both how data brokers brokers provide
provide capacity
capacity for third parties
parties to
delivcr targeted
deliver advertising, 33 as well as how these
targetcd advertising,33 thesc datasets
datascts can facilitate
facilitate
34
harmful social sorting.'4
harmful social sorting. Amy Amy Schmitz
Schmitz argues
argues that data sales can encouragecncourage
22. See M. Ryan Cato. Calo. The Boundaries ooff Privacy Harm. 1/arm. 86 IND.IND. L. J. 11311131 (2011)
(describing the boundaries
(describing boundaries of “objective”
"objcctive .. harms—involving
harms-involving financial,
financia!, dignitary,
dignitary, or other
othe r tangible
tangible loss—
loss-
.md “subjective”
and "subjective" harms—involving
harms - involving psychological
psychological ill-ease or distress).
distress).
23 .
23. e.g ., Solove,
See, e.g., Solove, supra note 16, at 493 (“fDjirect
("fDjirect awareness
awareness of surveillance
surveillance [can]
fcan]
:11ake
make a person feel fecl extremely
extremely uncomfortable
uncomfortable ...... . "); see alsoa/so Tatiana
Tatiana Siegel.
Siegel , Sony Hack 1/ack Fallow:
Fa/10111:
Exernlives Now "Afraid"
Executives "A/raid" To To Send Emails, Emails, HOLLYWOOD
HOLLYWOOD RREP. ep . (Dec.
(Dec. 17. 17, 2014),
http:// www.hol lywoodreporter .com/news/son y-hack-fal lout-executivcs-afraid- 7 58506.
http://www.hollywoodreporter.com/news/sony-hack-fallout-executives-afraid-758506.
24. See, e.g., Cohen,
Cohen. supra note 17, at 1426 (“[P]ervasive
("'[P]ervas ive monitoring
monitoring of every first
move or false start will, will, at
al the margin,
margin, incline choices
choices toward the bland and the mainstream.”);
mainstream."); Shwartz.
Shwaitz ,
supra note 17, 17. at 1656 (arguing
(arguing that the internet’s
internet's constant
constant surveillance
surveillancc of the "naked "naked thought’s
thought's digital
expression short-circuits
expression short-circuits the individual’s
individual 's own process of decisionmaking”).
decisionmaking").
25. See. ee.g
See, g .,.. sources
sources cited in supra note 12; 12; Andrew Hasty, Hasty. Note, Treating Consumer
Note , Trealing Co11s11111er
Da1a Like OH:
Data Oil: HowHoll' Re-framing Digital Digi1al Interactions
!11teractio11s Might Bolster the the Federal Trade Commission’s
Commission 's
New Privacy Framework, 67 FED. COMM. COMM.L.J.L.J. 293, 300 (2015).
300(2015).
26. See, ee.g.,
g ., Bruce Schneier, Candida1es Won’t
Schneicr, Candidates Wan't Hesitate
ll esitcue To Use Use Manipulative
Ma11ip11/a1ive
Advertising To Score Votes,
Votes, GUARDIAN
GUARDIAN (Feb. 4, 2016, 6:45 AM),
AM).
http://www.theguard ian .com/commentisfree/2O l 6/feb/O4/presidenti al-elect ion-voter-data-mani pulati ve-
http://www.theguardian.com/commentisfree/2016/feb/04/presidential-election-voter-data-manipulative-
ad vertisi ng-pri vacy.
advertising-privacy.
27. Balkin, supra note 19, at 1187-94 (describing
See, e.g., Balkin, (describing Uber’s
Uber"s attempt
attempt to find
embarrassing information
embarrassing infonnation on a reporter rcporter to dissuade
dissuade her from continuing
continuing to write negativenegative stories about
compa.ny); Segall,
the company); Segall. supra note 20.
28. See, ee.g.,
See. Rcmsburg v. Docusearch,
g .. Remsburg Docusearch, Inc.,
lnc., 816 A.2d 1001 1001 (N.H. 2003) (describing
(N .H. 2003) (clescribing a
New Hampshire
Hampshire resident’s
resident's purchase
purchase of an acquaintance’s
acquaintance's personal information
information from an information
information
broker in order to stalk and ultimately
broker ultimately murder
murder her).
29. See, ee.g., Frederik Zuiderveen
g ., Frederik Zuiderveen Borgesius
Borgesius et al„ Open Data,
al., Open Daw, Privacy,
Pri1•acy. and FairFair
Infor111lltio11
Information Principies: To11•ard.1·
Principles: Bala11ci11g
Towards a Balancing Framewor/.., 30 BERKELEY
Framework, BERKELEYTECH. TECII. L.J. 2073,
2073, 2091-93
(describing the
(2015) (describing thc privacy
privacy interest
intcrest in avoiding
avoiding social
soc ial sorting,
sorting, which involves
involves “obtain[ing]
"obtain[ing] personal
a,d group data in order
and order to classify
classify people and populations
popularions according
according to varying varying criteria”
criteria"' and
discrimination); Margaret
discrimination); Margaret Hu, Big Data Blacklisting,
Blacklis1i11g.67 FFLA.
la . L. R ev . 1735
REY. (2015).
1735(2015).
30. Alexander Tsesis,
Alexander Tsesis, The Right to Erasure: Privacy,
Pril'acy, Data Brokers,
Brokers. and the Indefinite
/11defi11ite
Re1entio11ooff Data, 49 WAKE
Retention WAKE FORESTFORESTL. R REY. 433. 454-59
ev . 433, 454-59 (2014) (describing
(describing how the prominence
prominence of
delta sale and bulk data brokers
data brokers exacerbates
exacerba.tes data vulnerability).
vulnerability).
331.
1. Daniel J.J . Solove, ldentity Thei,
Sol ove, Identity Privllcy, and the
Theft, Privacy, tite Architecture
Architeclure ooff Vulnerability,
Vulnerability, 54
f-lASTINGS
H astings L L.J.
.J. 121227,
2 7 ,1229
1229 (2003).
(2003).
32. Vladeck, supra note 12, at 501-12.
Vladeck, 501-12.
33. Cf. Slade Bond, Bond , Doctor Zuckerberg: Or, Or, How
11011·I Learned
Leamed To Stop Worrying Worrying and
Lv1•eBehavioral
Love Behuvioral Advertising,
Ad\'enising. 20KAN.J.L.
20 KAN. J.L. & & PUB.POL’Y
PUB. PoL·Y 129 (2010).
129(2010).
34. Lipman.s11prn
Lipman, supra note 12, 12,at781-82.
at 781-82.
672
672
New Privacy
A New Privacy Harm
Harm
discrimination
discrimination and reinforce preexisting power
reinforce preexisting power imbalances through the secret
imbalances through
35
scoring segmenting of consumers
scoring and segmenting consumers’' economic
economic value However,, these
value.. ' 5 However
important concerns
irnportant concems do not contemplate
contemplate distinct, harms that may stem from
distinct , new harms
information.
the sale of digital information.
This Note
Note adds to the scholarship
scholarship on data sales by arguing arguing that the
creation of a mark
creation market individuals to buy data on their peers enables
et for individuals enables a new
privacy
privacy harm: “relational control.” Relational
"relational control." Relational control occms when
control occurs individuals
when individuals
acquire
acquire the private
prívate data of those in their their social or professional networks. When
professional networks. When
data brokers
brokcrs sell consumer individuals, they allow
consumer data to individuals, buyers to learn about
allow buyers
the behavior
behavior and motivations
motivations of those whose whose data they purchase. insights
These insights
purchase . These
allow the buyers to influenceinfluence the decisions around them,
thosc around
decisions of those leading to
them , leading
potential harms unrecognized
potential unrecognized by privacy
privacy scholarship date .
scholarship to date.
This Note
Note proceeds
proceeds in six parts. Part I surveyssurveys the data broker industry and
broker industry
the market
markct for data that is sold to individuals.individuals. Part II reviews existing U.S.
reviews existing
commercial
commercial privacy explores how the law fails to protect
privacy law and explores consumers
protect consumers
from or provide
provide remedies
remedies for most rclational
relational control harms . Part
control harms. IU elaborates
Part III elaborates
on the theoretical
theorctical premises
premises of the relational outlines why this
control harm and outlines
relational control
threat is likely
likely to grow.
Part IV assesses
asse sses the interventions
intervention s that scholars technologi sts have
scholars and technologists
offered
offered to combat commercial
combat commercial privacy
privacy threats
threats and explains
explains why these reforms
reforms
fail to remedy
remedy consumer
consumer exposure
exposure to relational explains why
control. Part V explains
relational control.
two recent
rccent frameworks—Paul
frameworks - Paul Ohm’s Ohm ' s “sensitive
"sensitive data” theory and Jack Balkin's
data " theory Balkin’s
“information fiduciaries” theory—offer
" information fiduciaries" theory - offer possible
possible paths to reduce likelihood
reduce the likelihood
of relational
relational control,
control , although
although neither
neither is designed
designed to prevent relational control
prevent a relational control
harm.
hann .
Finally,, Part VI proposes
Finally proposes a number
number of doctrinal shifts in existing
doctrinal shifts existing privacy
privacy
law that may reduce reduce consumer
consumer exposure
exposure to relational
relational control.
control. Congress
Congress and
legislatures could also move to protect
state legislatures protect certain information as
certain types of information
sensitive and impose
sensitive impose heightened
heightened diligence
diligence and consent standards (or
consent standards (oranan ouh·ight
outright
ban) on transactions
transactions involving
involving these
thesc types of information.
infonnation. Common
Common law courts
could also expand
expand tort law to allow allow consumers
consumers harmed
hanned by relational control to
relational control
sue where
where information
information was wrongly wrongly used or sold. However, However, none of these
proposals
proposals is a panacea,
panacea , and,
and , further,
further , each could prove economically
economically disruptive.
disruptive.
Though there are
Though arc a number
number of ways to reduce reduce consumer
consumer exposure,
exposure , the problem
of relational
relational control
control is not easily
easily sol
solved.
ved.
l.I. The Data

Data Broker
Broker Industry
Industry and the Market
Market for Buying
Buying People ' s Data
People’s
This Part
Part introduces
introduces what is currently
currently known broker
about the data broker
known about
industry
industry and the sale of consumer
consurner information
information to individuals.
individuals.
35. Schmitz, .supra

supra note 12.
12 .
673
A. An Expansive
Expansive U.S. Broker Industry’
Brok er lndustr y
The data broker

broker industry
industry in thethc United
United States
Statcs has expanded
expanded considerably
considerably
o ver the past few
over fcw years. A 2016 NewsweekNewsweek report estimates
estima tes that the industry
industry
includcs bctwccn
includes between 2500 and 4000 data brokers.36 brokcrs .36 Unlike
Unlike large
largc companies
companies like
Googlc and Facebook, 37
Google Facebook, data brokcrs
brokers try to avoid name namc recognition37
recognition while
38
collecting
collecting data on American
American consumers.38
consumers.
Brokcrs collcct information
Brokers collect information from a combination
combination of public records, rccords ,
publicly available information,
information, and non-public, 39
publicly available non-public, proprietary sources.39
proprietary sources. Major
Major
public sourees
public sources of data are federal
federal and state governments,
governments, which whieh provide
provide
consumer information
consumer information relating
rclating to recreational
recreational and professional
profes ional licenses;
lieenses;
ban.kruptcies; driving
bankruptcies; driving histories; voter registration;
histories; voter registration; mortgages;
mortgages; and birth, birth ,
maiTiage, divorce,
marriage, divoree, and death records .40 Data brokers also scrape
deatb records.40 crape publicly
publicly
available data from social
available social nctworking
networking sites
sitcs and blogs,
blogs , and buy and sell private prívate
data from digital serviccs. 411 Of
digital services.4 Ofthe
the nine data brokers
brokcrs the
thc FTC surveyed
survcyed in 2014,
eight bought
eight bought data from commercialcommercial entities,
entitics, including
including purchase
purcha e information
information
(sueb dates of transactions,
(such as dates transactions, dollar
dollar amounts
arnounts spent,
spcnt, and types
typcs of card used),used),
aggregated transactional
transactional data from financial 42
and aggregated financia! services
serviccs companies.42
companies. At least
one of the tbe nine
ninc brokers
brokcrs purchased
purchascd consumers'
consumers’ web browsing
browsing activities
activitie fromfrorn
43
onlinc advc11ising networks.
online advertising networks.43 As many commentators cornmentators note,note , there is no legal
regirne
regime that prevents
prevents brokers
brokers and other
other companies
companics from frorn sharing
sharing data with
cornpanies. 44 A wide array of entities—from
individuals and companies.44
individuals entities-frorn political
politieal
45
campa1gns
·
campaigns4' ant1v1rus
· ·
to antivirus compames . 46- buy and
companies46—buy an d sell
se 11data
data with
w1t bro kcrs. 47
. 11 brokers.47
36. Boutin,
Boutin, supra note 8.
37. Kroft, s11pranote 8 (“What
Kroft, supra ('"What most of you don't don 't know,
know, or are just just beginning
beginning to
realize, is that
realize, that a much greater
greater and more immediate
immediate threat
thrcat to your privacy privacy is i coming
coming from
frorn thousands
thousands of of
cornpanies you've
companies probably never
you've probably never heard
heard of, in the name
namc of commerce.").
cornmerce.").
38. Vladcck, supra
Vladeck, supra note 12, at al 498 ("Make
("Make no mistake, mistakc, there
thcrc is little question
qucstion that the thc
major data
major data brokers
brokcrs know
know more about about each
each ofof us than,
than, say,
say. for example,
example. the National
Nacional Security
Sccurity Agency,
Agency,
Interna) Revenue
the Internal Rcvenuc Service, Social Security
Service, the Social Security Administration,
Administration. or any other other government
government institution”).
institution:').
39.
39. See U.S. G Gov'T ACC0U TABILITY OFFICE,
ov ’t ACCOUNTABILITY OFFICE. GAO-13-663,
GAO-13-663, INFORMATION
INFORMATION
RESELLERS C
RESELLERS CONSUMER
onsumer P PRIVACY
rivacy F FRAMEW0RK
ramework N NEEDS
eeds to TO R eflect C
REFLECT CIIANGES
hanges in IN T
TECIIN0LOGY
echnology and AND
nE MARKETPLACE
THE MARKETPLACE33-4(2013) fhereinafter
-4 (2 0 1 3 ) [h GAO Information
erein after GAO lnformarionResellersResellers]. j.
40. See FTC Data Dara Brokers,
Brokers, supra
s11pranote 4, at 11-13. 1 1- 13.
41. See id. at 13-14.
13-14.
42. See id. at 13-14.
Seeid.atl3-14.
43. See id. atat 14.
44. See. e.g., Boutin,
See, Boutin, supra
supra note
note 88 ('"As
(“As shadyshady as as itit might
might sound,
sound, the
the entirc
entire industry
industry is is
completely
completely legal.”).
legal."').
45.
45. See, e.g., Neal
See, Nea) Ungerleider,
Ungcrleider, Yes,Ye.1. Political
Polirical Campaigns
Campaigns FollowFolloiv Your
Your Browser
Browser
/-lisrory,FFASTCOMPANY
History, a STCompany (N (Nov. 20 13, 9:30
ov. 5, 2013, 9:30 AM).
AM), http://www.fastcompany.com/302I092/yes-political-
http://www.fastcornpany.corn/3021092/yes-political-
campaigns-follow-your-browser-history
campaigns-follow-your-browser-history ("There are few
("There few lawslaws preventing
preventing marketing
marketing firms
firrns working
working on
election carnpaigns (or,
election campaigns (or, for that matter, selling laundry)
mattcr, selling laundry) ...... . . ”).
").
46.
46. See, e.g.,
See, e.!/,, James
James Temperton,
Temperton. AVG AVG CanCan Sell Sel/ Your
Your Browsing
Browsing and SearchSearch History
1/isrory toro
Adverrisers. WIRED
Advertisers, WiRED (Sept.
(Sept. 18,2015),
18, 2015),http://www.wire d .co.uk/art iclc/avg-privacy-po licy-browser-search-
http://www.wired.co.uk/article/avg-privacy-policy-browser-search-
("While AVG
data (“While A VG has not utilised models to date,
utilised data models date, we may, in the future, future, provided
provided that it is
anonymous, non-personal
anonymous, non-personal data, data, and we are confident
confidenl that
1hat our users uscrs have sufficient
sufficicnl information
informati on and
control to make
control rnakc an informed
informed choice.”).
choice.").
A New
New Privacy Harm
Privacy Harm
B. Data Sales to Indi vidual Consumers

Individual
Selling big data is lucrative.

Selling lucrative . The nine brokersbrokcrs surveyed generated a
surveyed generated
combined
combincd $426 million
million in annual revenue . In general,
annual revenue. revenue sternmed
general, this revenue stemmed
48
from three business
business lines: marketing
marketing,, risk mitigation
mitigation,, and “people
"people search.”
search." '
Most relevant
Most rclevant to this Note Note’s ' s inquiry
inquiry is people
people search,
search , as the services tbat
services that
49
comprise
compri se people search are “often
people searcb intended for use by individuals
"often intended individuals.”4'." TheThe FTC
FTC
noted that
tbat "“users
users utilize
utilize people products for such purposes
search products
people search purposes as tracking
competitors, finding
the activities ooff executives and competitors, friends , researching a
finding old friends,
records ." º
5
potential love
!ove interest or neighbor,
neighbor, networking, or locating court records.”50
locating court
Three of the nine brokers
Three offered people
brokers offercd search products
people search generated a
products and generated
51
combined $52.69 million
combined $52.69 annual revenue.
mi Ilion in annual revenue."1
The number
number of of brokers
brokers offering
offering people
people search
search services
service s in the UnitedUnited
States
States remains unknown.. In 2014
remains unknown reporter Julia Angwin documented her
2014,, rcporter Angwin documented
attempts to opt out from
attempts from over
over 200 data brokers brokers,, including sixty-four that
including sixty-four
52
specialized people search
specialized in people search service
services."'
s. In 2015 2015,, columnist Cynthia Alice
columnist Cynthia Alice
Andrews compiled
Andrews compiled a directory
dircctory of the websites
websites and privacy policies of 257
privacy policies
people
peop le search
·
searc 11 services.53
serv1ces. 53
With few exceptions,

With little is known
exceptions , little known about information that
about the types of information
these brokers
brokers sell to consumers.
consumers. Some well-known
well -known brokers Spokeo only
brokers like Spokeo
sell information
information derived
derived from public sources. However
public sources. hundreds of
However,, there are hundreds of
brokers
brokers that offer
offer people search services
people search services in the United
United States, unlikely
States , and it is unlikely
that
tbat each refrains from selling
each refrains sclling non-public information. A 2013 GAO report
11011-publicinformation. report on
the data broker
broker industry notes,, without
industry notes naming specific companies, that U.S.
without naming specific companies ,
brokers offer people
brokers offer people search services that incorporate
scarch services "proprietary
incorporate data from “proprietary
sources”
sources" in addition
addition to information
information that consumers available or
publicly available
consumers make publicly
47.
47 . See ee.g.,
.g ., Lois
Lo is Beckett,
Beckett , How
f-low Microsoft and Yahoo Are Poli1icia11s Access
Ar e Selling Politicians Access to10
You, PPRO PUBLICA(June
r o PUBLICA (Jun e 11, 2011, 20 11, 11:45
11:45 AAM), http://www .propubli ca .org/a rticle/how-microsoft-a nd-
M), http://www.propublica.org/article/how-microsoft-and-
yahoo-are-selling-politicians-access-to-you
ya hoo- are-se llin g-pol iticians-access- to-yo u (("'fT]he“ [T]he credit reporting giant Experian pe rform s a ·ct
performs o uble-
‘double-
blind’ betweenn Mi
blind' match betwee Microsoft's
crosof t's data and camp campaigns’ data.. Yahoo uses another mass
aig ns' data massive comp any ,
ive data company,
Acxiom.
Acx iom . Both Experian and Acxiom Acx iom also offer similar matching for comm commercial c lients who want to
ercial clients
find previous
prcv ious customers online.”). onlin e ."). The use of double-blind
doubl e- blind or other
oth er anonymization
anon ymization features is
particularly susceptible
susce ptible to de-anonymization,
de- anonymization, even by a “regular" nsumer. See infra Part TTI
consumer.
"regular" co III..
48. See FTC Dala Data Brokers,supra
Brokers,s upra note 4, at 23.
49. Id. at 34.
50..
50 td. (emphasis
Id . (emph added)..
as is added)
51.
5 1. Id. Sorne
Some brokers
broker s offer limited
limit ed versions of of their people search produ cts to
sea rch products
consumers
con sumers for free A spokesperson
spokes person for the people peo ple search broker Whit epagcs claimed
broker Whitepages sea rch
claim ed that its free search
service received
rece ived 55 million
milli on unique
uniqu e visitors every month.month . See Kaveh f-low Family
Wadd ell , How
Kave h Waddell. TreeNow
FamilyTreeNow
Makes
Makes Stalking
Sralking Easy, ATLANTIC
ATLANTIC (Jan. 17, 201 7),
2017),
http://www.theatlantic.com/technology/archive/2017/01/the-webs-many-search-engines-for-your-
http ://w ww.theatlantic .co m/technology/a rch ive/20 17/O1/t he-we bs-many-se arch-engines-fo r-yo ur-
personal-information/513.323
persona l-inform ation/5 I 3323 (“With volu me of visitors, we do our
("With that volume our best to make sure we’re onlyy
we ' re onl
offering
offe ring up landline telephone
landlin e te lcphone numb numbers addr esses" to users who don
ers and addresses” ' t pay for fits
don't [its $30 a month
“Premium”
"Premium " service].
servicel .... . ..”)
")
52. See Julie
Juli e Angwin,
Angw in , Privacy
Pri vacy Tools:
Too ls: Opting
Op1i11g Out from Broke rs (Jan.
f rom Data Brokers 30 , 2014
(Jan . 30. 2014), ),
http://juliaangwin .com/ pri vacy- 1001s-o pti ng-out -from-data-brok e rs.
http ://ju Iiaang win .com/privacy-tools-opting-out-from-data-brokers.
53. See Cynthia
Cy nthi a Alice
Al ice Andrews, Breaking
Andr ews, Breaki ng It Dow11: The Dara
lt Down: Data On Data Brokers,Broke rs, FFUPl ip
d ia (Feb. 09, 2015
M eEDIA 2015), http ://flipthemedi a .com/2015 /02/breakin g-data-data-brok ers.
), http://flipthemedia.com/2015/02/breaking-data-data-brokers.
675
Yale Journal
Joumal on Regulation
records. 54 And,
exists in public records.54 And , as noted, brokers in other countries
countries have begun
individuals consumer
to sell individuals consumer data that originates
originates from, among
among others,
others ,
proprietary 55
sources
proprietary sources in the United
United States like eBay and Amazon.
Amazon.55
U.S . Commercial
II. Gaps in U.S. Commercial Privacy
Privacy Law
U.S. commercial
commercial privacy
privacy protections
protections are derived
derived from distinct,
distinct ,
intersecting authorities
intersecting authorities—- including
including federal and state statutory
statutory law, tort law,
ageney regulations, promulgated
agency regulations, promulgated industry
industry best practices,
practices, and private
prívate contractual
contractual
agreements. This Part surveys
agreements. surveys how these authorities
authorities provide few
fcw checks on the
sale of consumer
consumer data.
A. Statutory Priva cy Protections

Privacy Prot ections in the Commercial
Commercia/ Sphere
The United
United States has adopted patchwork , sectoral approach
adopted a patchwork, approach to federal
56
privacy law in the commercial
privacy commercial sphere.56
sphere. The Thc Telecommunications
Telecommunications Act bars
disclosing , or permitting
ISPs from using, disclosing, pcrmitting access to “individually
"individually identifiable
identifíable
::ustomer proprietary
customer proprietary network
network information”
information" for purposes
purposes outside
outside of the
:,rovision
provision of thc telecommunications services from which
the telecommunications services which thethc information
information is
derivcd .57
derived.57
Bcyond ISPs , the Fair Credit
Beyond ISPs, Credit Reporting
Reporting Act (FCRA)
(FCRA) imposes
imposes an array of
obligations on consumer
obligations consumer reporting
reporting agencies
agencies and offers protections
protcctions for personal
58
credit information.
credit information.''5 For example,
example, the FCRA grants individuals
individuals the right to
request a copy of their
request their credit
credit report, limits the purposes
purposes for whichwhich a credit
report
report can be uscd ,59 and obligates
used,5* obligates agencies
agencies to correct information. 60
correct errant information.60
The Health
Health lnformation
Information Portability
Portability and Accountability
Accountability Act (HIPAA)(HIPAA)
governs how
governs doctors and medical
how doctors medica! services
services must
mu t protect the data of their
61
patients. HJPAA
patients.6' HIPAA mandated
mandated that the Secretary
Secreta1y of Health and Human Services Services
(HHS) promulgate
(HHS) promulgate rules for certain
certain health information
infonnation controlled
controlled by providers,
providers ,
54. See GAO Information

/11/ormatio11Resellers. supra note 39, at 3-4.
Resellers, supra
55. See sources cited in supra notes 2-3.
56. See, e.g., DANIEL
See, D ANIEL J. J . SOLOVE
SOLOVE & & PAUL
P AUL H H.. SCHWARTZ,
S CIIWARTZ, INFORMATION
l NFORMAT ION PRIVACY
PR! VACY LAWL AW
790-98 (5th ed. 2015)
790-98 20 15) (describing
(describing the various privacy laws that regulate regulare distinct
distinct sectors
sec tor s of U.S.
industry); Omer
industry); Omer Tene, Primcy Law's Midlife Crisis:
Tcne, Privacy Crisis: A Critical Assessme111oo/f The Second
Critica/ Assessment Seco11dWaveWm•e ooff
Gloha/ Privacy Laws, 74 O
Global Üll!O
h io SST.
t .L J . 1217,1217
L.J. 1217, 12 17 (2013).
(20 13).
57 .
57. U.S.C. § 222 (2012).
47 U.S.C. (20 12). This
Thi~ prohibition
prohibition exists notwithstanding
notwithstanding the recent law law that
set aside
aside the FCC’s
FCC's October
Octobcr 2016
2016 rule, which would would havehavc prevented
prcvcntcd ISPs from sellingsclli ng a consumer’s
cons um cr"s data
with out their
their opt-in
opt-in permission.
permission. See Alex Johnson, Tm111pSigns Measure To Let
Johnson . Trump let ISPs
ISPs Sell
Sel/ Your
Your Data
Data
Wi1hout Consent,
Without Co11se111, NBC News (Apr. (Apr. 3, 2017), 2017). http://www.nbcnews.com/news/us-news/trump-signs-
hnp: // www.nbcncws.com /ncws /us-news /trump -signs-
measurc-let-isps-scll-yo ur-data-without-consent-n7423 16 (referring
measure-let-isps-sell-your-data-without-consent-n7423I6 (rcferring to S J. Res.
S.J. 34, 115th Cong
Res . 34. Cong.
(2017)).
(2017)).
58. See Fair Cred it Reporting Act.
Fair Credit Acr. Pub. L. No. o. 91-508,
91-508. § 601,
60 1, 84 Stat. 1114. 1128
(1970) (codified as amended
(1970) (codified ame nded in scattcrcd
scattered sections
sec tions of 15 15 U.S.C.).
U.S.C.).
59. See 15
l5 U.S.C.
U.S.C.§§ 1681b168 1b (2012).
(20 12).
60. See, e.g.,
e.g .. FCRA
FCRA SummaryS11111111ary oo/f Rights,
Righrs, EQUIFAX
EQUIFA X (last visited
visitcd Feb. 18, 18, 2017),
20 17).
http://www.equ
http://www ifax .com/pri
.equifax .com/pri vacy/fcra.
vacy/fcra.
6 1. See Hea
61. lth Information
Health lnformation Portability
Po11ability and Accountability
Accountability Act, Pub.Pub . L. No. 104-191,
110 Stat. 1936
1936 (1996)
( 1996) (codified
(cod ified as amended
ame nded in scattered
sca ttercd sections
sec tions of 26, 29 &
of26, & 42 U.S.C.).
U.S.C.).
676
676
A New
New Privacy
Privacy Harm
Harm
62
health care plans,
hcalth plans, and clearinghouses.'1
clearinghouses. ' The HHS privacy privacy rule aims aims to
safeguard ali
safeguard all “protected health information”—
"protected health individually identifiable
information "- individually identifiable
information,
infonnation, including demographic data,
including demographic data , and information rclating to a
information relating
patient’s
patient 's medical
medica! background
background and care—that
care-that these thesc entities privacy
entities hold. The privacy
rule establishes
rule establishes a set of national
national standards
standards for protecting
protecting patient
patient information
information, ,
63
including setting
including setting standards
standards for sufficiently
sufficiently dc-identified data. 3
de-identified data.'1
The Gramm-Leach-Bliley
Thc Gramm-Leach-Bliley Act (GBLA) (GBLA) and the Family Educational Rights
Family Educational Rights
and Privacy
Privacy Act (FERPA) (FERP A) regulate
regula te the financial
financia[ and education services,
education services,
64
respectively.
respectively. FERPA FERPA bars disclosure
disclosure of students’ cducational rccords.
students' educational records.1'4 The
GLBA requires that covered
GLBA rcquires financial services
covered financia! entities give notice
services entities notice of their
privacy practices,
privacy secure custorner
practices , securc customer records
records,, and provide right for consumers
provide a right consumers
65
to opt out of of data sharing with third parties.65
sharing with parties.
A particularly important piece of legislation
particularly important legislation to this Note’s
tbis Note inquiry is the
's inquiry
66
Stored Communications
Stored Communications Act (SCA),66
(SCA), passed
passed by Congress
Congress as of the
part of
67
Electronic Communications
Electronic Communications PrivacyPrivacy Act of of 1986 (ECPA).67
(ECPA). The SCA prohibits
prohibits
electronic communications
electronic communications providers disclosing digital
providers from disclosing digital communications
communications
nongovernmental entities
to nongovernmental entities without
without the consent
consent of the message’s originator or
message 's originator
•· ·
■ . 668
8
recipient.
rec1p1ent.
However, the
However, adequacy of existing
tbe adequacy federal statutory
existing federal statutory protections should not
protections should
69
be overstated
overstated and many scholars scholars have questioned
questioned their efficacy.
fundamental efficacy.69
their fundamental
A common
common critiquecritique is that these statutcs
statutes protect
protect particular channels of
particular channels of data
flow,
flow , rather
rather than certain
certain data types or data that tbat may be relevant
relevant to certain
certain
recognized private
recognized private interests.70
7
interests. For °
For example, Rebecca Lipman
example, Rcbecca Lipman describes
describes how
HIPAA does not apply
HIPAA apply to health data that is generated generated by FitBits, Google
FitBits, Google
Searches, Apple
Searches, Apple Watches , Watches, or other devices
other dcvices that comprise
comprise the Internet
Internet of
71
Things.71 Similarly, FERPA A does not impose
impose rules commercial
rules on the data that commercial
Things. Similarly, FERP
studying
studying applications
applications collect,
collect, which
which allows
allows companies
companies to make make “consequential
"co nsequential
62. See 42 U.S.C. § 1320(d)(2)

1320(d)(2) (2012).
63. See HIPAA
HfPAA Privacy Rule, 45 C.F.R. pt. 164.5 164.514(b)-(c) III.
i11.fraPart III.
14(b)-(c) (2002); infra
64. See Family Educational Rights and Privacy Act, 20 U.S.C. § 1232g (2012). (2012) .
65.
65 . See Gramm-Leach-Bliley Act,Pub. Act,Pub. L. No. 106-102, 113 Stat. 1338 (1999)
106- 102, 113
amended in scattered sections of 12 & 15 U.S.C.)
(codified as amcnded U.S.C.);; Chris Hoofnagle, Co111parative Swdy on
Comparative Study
Different
Di.ffere 111Approaches
Approaches to New Ne1v Privacy
Privacy Challenges, Particular in the Lighl
Chal/e nges, in Particular o f Technological
Light of Technological
Developments,
Developments , 8-1 B-l The United
U11i1edStates o f America,
States of America, EUR. COMMISSION:
EUR. COMMISSION: ÜIRECTORATE-GENERAL
DIRECTORATE-GENERAL JUST.. JUST.,
FREEDOM
FREEDOM & SECURITY
SECURITY 3 (May 2010), http://ec.europa.eu/justice/data-
protection/document/studies/files/new_privacy_challenges/final_report_country
protection/document/stud ies/fi les/new_privacy_challenges/fi nal_report_co untry_repo1t_b 1_usa .pdf.
_report_bl_usa.pdf.
66. 18
18 U.S.C.
U.S.C. §§2701-12(2012).
§§ 270 1- 12 (20 12).
67. Pub. L. No. 99-50899-508., 100
100 Stat. 1848 ((1986)
1986) (codified as amended in scattered
sections of 1818 U.S.C.).
U .S.C.).
68. 18 U.S.C. § 2702 (2012).
See 18
69. See,, e.g
See e.g.,., Tene,s11pra note 56, ar
Tene, supra nore at 1217 (“At bcst,
1217 (''Ar the current framework strains to
best, rhe
keep up with new developments; at worst, it has become irrelevant.”).irrelevant.").
70. e.g., Ohm, supra
See, e.g., supra note 16. 1191.
16, at 1191.
71. Lipman, supra supra note 12, at 788;7 8: id. at 803 (describing the growing number of
devices and household appliances that are connected to ro the intcrnet
internet for the purposes of convenient
remote
remole control, efficiency, and data tracking).
control, energy efficiency.
677
677
Y ale Journal
72
inferences" about
inferences” about “a "a child’s
child's intelligence
intelligence or interests.”72
intercsts." Paul Ohm notes notes how
GLBA only applies
the GLBA applies to a narrow
narrow subset
subset of of entities
entities that arc are defincd by the
defined
73
statute
statute as "financia! institution[s]." 7 Congress
“financial institution[s].”7 Congress has also relaxed relaxed certain
certain
restrictions that would
restrictions would otherwise
otherwise protect
protect certain
certain types of digitaldigital data. Ohm
notes how the Video Video Privacy Protection Act (VPPA),
Privacy Protection (VPPA), passed
passed by Congress
Congress after
after
a reporter publicized Judge
reporter publicized Judge Robert
Robert Bork's
Bork’s video
video rental
renta) records
records during
during his
Supreme Court
Supreme Court confirmation
confirmation hearings,
hearings, was amended
amended so as not to apply apply to
online video streaming after
online video streaming after Netflix
Netflix waged
waged a lengthy
lengthy campaign
campaign to relax
· 74
protect1ons.
protections.74
general rule, statutes
As a general statutes do not prevent
prevent brokers
brokers from buyingbuying and selling
selling
an enormous
enormous amountamount of of information,
infonnation, digitally
digitally produced
produced by consumers,
consumers, relating
rclating
their health
to their health and physiology,
physiology , cognitive
cognitive abilities,
abilities, interests,
interests, purchases,
purchases , wealth,
wealth,
compulsions, and social networks.
compulsions, networks. Two noteworthy
notcworthy exceptions
exceptions to this trend are
75
(flawed ) SCA and (far stronger)
the (flawed75) stronger) Children’s
Children 's Online Privacy Act
Online Privacy
76
(COPPA) . Despite
(COPPA).7'' dcscribing an outdated
Despite describing outdated technical
technical reality,
reality, courts
courts have
:ntcrpreted
interpreted the thc SCA to protect certain
protect certain digital
digital communications
communications that tbat many
many
77
applications cannot
applications cannot sell
se ll to third parties.'7
parties. The SCA, however, however, does not extend extend
social media
to social media posting
posting or comments,
commcnts, and its language—passed
languagc - passed in 1986 as part
Electronic Communications
of the Electronic Communications Privacy Act—no longer
Privacy Act-no longer coheres
coheres in today’s
today 's
technological environment. 785 In contrast,
technological environment. contrast, COPPA
COPPA provides
provides robust
robust protection
protection of
the privacy
privacy of minors.minors. Ohm notes note s how COPPACOPPA “applies
"a pplies broadly
broadly to any
'operators of
‘operators of websites
websites and onlineonline services,’
services,' without
without further limitation," 79 and
further limitation,”79
the FTC has made made clear
clear that this definition
definition expands
expands as technology
technology changes
changes to
c:over mobile
mobile apps, browser 80
cover browser plug ins, and third-party
third-party networks.80
networks. These Tbese narrow
narrow
cxccptions notwithstanding,
exceptions notwithstanding, CongressCongrcss has passed passcd no statutestatutc that imposes
imposes
checks on, or regulation
checks regulation of, data brokerbroker activity.
activity.
State legislation
State Iegislation similarly
similarly provides
provides few checks checks on broker broker activity.
act1v1ty.
California has moved
California moved to expandexpand privacy
privacy protections
protections more than any other other state,
but its regulations generally do not reach
regulations generally reach data brokers.
brokers. California
California has passedpassed
legislation that (1)
legislation ( J) expands
expands the SCA to prohibit prohibit employers
employers from looking looking at the
72. Id.
73. Ohm,Ohm.suprasupra note 16, at 1190 n.362.
16,at
74. Id. at 1140. 1140.
75. See Orin S. Kerr, Kerr. A User's GuideCuide to the Stored Communications
Commw1icatio11sAct,
Act. and a
Lcgislator's Guide
Legislator's Cuide to Amending
A111e11di11g I! , 72 GEO.
It, WASII. L. R
GEO. WASH. ev . 1208 (2004);
REY. (2004): see also
a/so Matter
Matter of Warrant
Warrant To
Search a Certain
Certain E-Mail Account
Account Controlled
Controlled and Maintained
Maintained by Microsoft
Microsoft Corporation,
Corporation, 829 F.3d
F.3d 197
(2j Cir.
(2d Cir.2016)
2016) (Lynch, J .. concurring)
(Lynch, J.. concurring) (pointing
(pointing to Ken’s
Kerr"s critiques
critiques from more than twelve
twelve years prior as
evidence of pressing need for Congress
evidence Congress to revisit
rcvisit the statute).
statutc).
76. See Child
Child Online Privacy Protection
Protection Act of 1998, 1998. Pub. L. No. 105-277.
IOS-277. 112 Stat
Stat.
2681-728, IS U.S.C. §§ 6501-06.
2681-728,15 6501-06.
77. See, e.g.,
e.g., Crispin
Crispin v. Christian
Christian Audigier,
Audigier. Inc.,
lnc ., 717 F. Supp. 2d 965 (2010).
78. See 18 18 U.S.C.
U .S.C. § 2702 (2012) (distinguishing
(distinguishing entities
cntities that provide “electronic
"elcctronic
co11munications services”
communications scrvices" (ECS) and “remote·'remote communications
communications services”
scrvices·· (RCS));
(RCS)); Ken,
Kerr , supra note 75;
inJi·aPart VI.
infra
79. Ohm,Ohm,ssupraupranote
note 16, at 1192
16.at (quoting COPPA).
1192(quotingCOPPA).
80. 16 C.F.R. pt. 312.
16C.F.R.pt.312.
678
A New Privacy Harm
Ncw Privacy Harm
private social networks

prívate social networks ofof employees
employees and and prospective
prospective employees (which <loes
employees (which does
81
not apply
apply to data brokers),8
data brokers) , 1 (2) requires
requircs businesses
busines ses that
that collect personally
collect personally
identifiable
information to prominently
prominently display
display their privacy policy
thcir privacy (which
policy (which
2
applies
applies to datadata brokers)82
brokcrs)8 and (3) requires
rcquires companies disclose what
companies to disclose what
information
information they share with
they share with other
other companies
companies for marketing
marketing purposes (which
purposes (which
83
does not).8'
<loes not). Additionally,, scholars
Additionally scholars note that, outside of
that, outside of California, othcr state
California , other state
legislatures thus
legislatures thus far
far avoided imposing new regulations
avoided imposing regulations on the data broker
data broker
. d 84
industry.84
In ustry.
B. Judicial Priva cy Prot

Limitationss on Privacy
Judicial Limitation ection
Protection
Absent statutes
Abscnt statutes,, courts
courts provide
provide little protection from
little protection from possible abuses that
possible abuses
may
may arise from the commoditization
arise from commoditization of of data. For the past
data. For fifty years,
past fifty years , courts
courts
have recognized
have recognized four four privacy
privacy torts:
torts: intrusion,
intrusion, public
public disclosure
disclosurc ofof private facts,,
prívate facts
85
false light,
false and appropriation.8'
light , and appropriation . Of Of the fourfour,, relational
relational control
control most directly
most directly
implicates
implicates the intrusion
intrusion tort,tort , as a purcha
purchaser attempts to gain acce
ser attempts access prívate
ss to private
information
information by purchasing
purchasing another’s data. The
another's data. The Sccond
Second Restatement
Restatement of Torts
Torts
defines
defines the intrusion
intrusion tort as: “One " One who intentionally intrudes
who intentionally physically or
intrudes,, physically
otherwise,
otherwis e, uponupon the solitude
solitude or seclusion
seclusion of another or his private
of another affairs or
prívate affairs
concerns,, is subject
concerns subject to liability
liability to the otherother forfor invasion
inva sion of privacy , if
of his privacy, if the
86
intrusion
intrusion would
would be hig highly offensivee to a reasonable
hly ojf'ensiv reasonable person.”86
pcrson."
In addition
1□ addition to showing
showing that data transaction
that a data constitutes an intrusion
transaction constitutes intrusion upon
upon
one’s
one ' s seclusion
seclusion (or(or satisfies
satisfies a statutory
statutory hook, like the FCRA),
hook, like FCRA), a plaintiff must
plaintiff must
also demonstrate
also demonstrate that that the harm
harm satisfies
satisfies Article
Article IlJ III standing
standing requirements.
requirements. To
show standing
show standing,, a plaintiff
plaintiff must
must demonstrate
demonstrate (1) ( 1) an injury-in-fact
injury-in -fact that is concrete
concrete
8 1. California Social Media Privacy Act of 2012, CAL.

2012, C LAB.
al. L CODE§ 980 (West 2012).
a b . CODE
82. Ca l. C
CAL. iv . C ode
CIV.C 1798.83{b)(2
ODE§§ 1798.83(b) 006).
(2006).
83. C a l. C
CAL. 1798.83(a)( l), (e)(6)(A) (2006); see Lipman,
iv . CODE § 1798.83(a)(1),
Clv 12, at
Lipman. supra note 12.
794.
84.. See, e.g., Danielle Keats Citron, The Privacy Policymaking ooff State
84 SLote Attorneys
General,
General, 9292 NOTRE
NOTRE D ame L.
DAME L. R 8 1O (2016) (highlighting the efforts of former FTC
ev . 747, 810
REY.
general to investigate data brokers under state Unfair
Commissioner Julie Brill to press state attorneys general
statutes). Historically, state legislation has focused on data security
and Deceptive Acts and Practices statutes).
rather than privacy. See, e.g..
e.g., The Vincent R. R. Johnson, Cybersecurity,
Cybersec urity, Ideality
ldentity Thefr, li mits of
Theft, and the Limits of
Tort Liability, 57 S.C. L. REV. 255 (2005) (describing a number of state data security laws and
L. REV.
California’s oft-discussed and widely praised Security Breach Tnformation
highlighting California's Information Act); Ohm, Ohm,
1127 n.3. However, this trend may be shifting, as state legislatures, attorneys
supra note 16, at 1127 general,
attorncys general,
and
and privacy
privacy advocates look to use state power to protect consumer privacy. Golden,
e.g ., Erin Golden,
privacy. See, e.g.,
Minnesota
Minn esota Legislature
Legisla111re Pushes Back on 0 11 Internet
/11terne1 Privacy, STAR TRIB
Privacy , STAR UNE (Mar. 30, 2017),
TRIBUNE
http://www.startribune.com/ininnesota-legislature-pushes-back-on-internet-privacy/417670943;
http://www.startribune.com/min nesota-legislature-pushes-back-on-internet-privacy/417670943; Press
Press
Release,
Relcase , Maura Healey, AllAttorney
om ey General ooff Massac husetts, AG Reaches Se11/
Massachusetts, e111
Settlement wi1h Ad
e111with verlising
Advertising
Company Prohibi1ing
Prohibiting 'Geofencing' Around Massach11
'Geofe11ci11g' Aro1111d Massachusetts fl ealthcare Fac
se11s Healthcare ililies (Apr. 44,, 2017).
Facilities 2017),
http://www.mass.gov/ago/news-and-updates/press-releases/2017/2017-04-04-copley-advertising-
http://www.mass .gov/ago/ncws-and-updates/press-relea es/20l7 /2017-04-04-coplcy-advertising-
geofencing.html.
85. Prosser , Privacy, 48 C
85. See, e.g., William L. Prosser, CAL.
a l. L REV.
L..R ( 1960).
ev . 383, 389 (1960).
86. R estatement
RESTATE MENT (S (SECON
econd D)) of 6528 (AM.
TortsS § 652B
OF TORT Law I[NS
(A m . LAW n stT.. 1977) (emphasis
added).
679
679
Yale Journal
Vol.34,2017
particularized, 87 (2) “fairly

and particularized, "fai rly traceable
traceable to the challenged
challenged conduct
conduct of the
defendant, and (3) likely to be redressed
defendant, redressed by a favorable
favorable judicial decision." 88
judicial decision.”88
These twin standing
These standing and tort requirements
requirements have led courts to reject most
privacy claims
privacy claims that challenge
challenge the sale of information.
infonnation.
In Shibley
Shibley v. Time, Inc., !ne., an Ohio
Ohio court
court dismissed
dismissed a plaintiffs
plaintiff's suit against
against
magazine publishers
magazine publishers that sold subscription
subscription requests advertisers. 89
requests to direct mail advertisers.89
court held that although
The court although the purchasers
purchasers of the lists couldcould learn
lcam about the
plaintiff's lifestyle,
plaintiff s lifestyle, the sale of lists would would not “cause
"cause mental suffering,
suffcring, shame
humiliation to a person
or humiliation person of ordinary sensibilities." 90 Similarly,
ordinary sensibilities.”90 Similarly, in Dwyer v.
American Express
American Express Co., an IllinoisIllinois appellate
appellate court rejected
rejected a plaintiffs
plaintiffs privacy
privaey
suit that objected
objected to American Express's sale of consumer
American Express’s consumcr profiles
profiles that were
91
derivcd
derived from their their spending
spending habits.9
babits. 1 The DwyerDwyer court similarly
similarly held that
American Express’s
American Express's sale of of consumer
consumer profiles
profiles did not meetmeet the standards
standards for
one of
of the four
four types of privacy
privacy tort.
torl.
occasion a New
On one occasion New Hampshire
Hampshire court, faced faced with a particularly
particularly grisly
murder,
murder, left the door
door ajar that a data broker
broker might be liable for negligence,
negligenee,
where criminal
where criminal activity could have
activity could have been predicted.
predicted. In Remsburg v. v. Docusearch,
Inc., 92 a New
Inc.,92 Hampshire resident
New Hampshire resident purchased
purchased an acquaintance’s
acquaintance's personal
personal
information from an information
information information brokerbroker in order
order to stalk and ultimately
ultimately murder
murder
particular targeted
her. Due to the particular targeted nature of the New Hampshire Hampshire resident’s
resident's
inquiries, 93 the court
inquiries,93 court found
found that an early data broker broker might be liable for
negligence
negligence if the buyer's manifested
buyer’s manifested activity suggested
activity suggested foreseeable
foreseeable criminal
criminal
misconduct against
misconduct against the target
target ofof his data acquisition.
acquisition. However,
However, the court noted
possibility of this narrow
that the possibility narrow exception
exception runs againstagainst the general
general
presumption that “a
presumption "a private
prívate citizen
citizen has no general
general duty to protect
protect others
otbers from
94
criminal attacks
the criminal attacks of third parties.”94
parties." As a general
general rule, courts have not
restricted the sale of data under
restricted under either
either tort or statutory
statutory law.
C. Agency
C. Agency Regulation ooff Data Transactions
Transactions
In contrast
contrast to the statutory
statutory and judicial
judicial remedies,
remedies, federal agencies
agencies have
proved
proved more responsive
responsive to digital privacy
digital privacy concerns.
concerns. Of recent
recent significance
significance is
:be (now
:he repealed/ 5 2016
(now repealed)b 2016 action
action by the Federal
Federal Communications
Communications Commission
Commission
87. See sources circd in supra note 14

sources cited 14 and accompanying
accompanying text (vacating the thc 9th Circuit
ruling and remanding
remanding because thc the claim failed to satisfy standing
sta nding requirements).
requirements).
88. Spokeo v. Robbins,
Spokeo Robbins, 136 S. Ct. 1540,1547
1540, 1547 (2016).
89. Shibley v. Time,
Shibley Time , Inc..
Inc .. 341 N.E.2d 337 (Ohio App. 1975). 1975).
90. Id. at
ar 339.
91. Dwyerv.Am.ExpressCo
Dwyer v. Am. Express Co.,.. 652652N.E.2d
N.E.2d 1351
1351 (111. App. 1995).
(III.App.1995).
92. 1001 (2003).
816 A.2d 1001
93 . The resident sought
93. sought at different times the date of birth, social security
al different secur ity number,
number. and
addrcss, for one person,
home address, pcrson, and the
thc resident
residenr paid over $200 for the thc information.
information. See id. at
ar 1006-07.
94. Id. at 1006-07; cf.
td. ej. Seinfeld 71ie Finale
EINFELD,. The Fina/e (television
(television broadcast
broadcasr May 14, 14, 1998)
1998)
("You
(“ don ' t have to help anybody!
You don’t That's what this country’s
anybody1That's country", all
ali about!”).
about! ..).
95. See supra note 57.
57 .
680
New Privacy
A New Privacy Harm
Harm
(FCC)
(FCC) to require ISPs to disclose
rcquire ISPs disclose the types of information they collcct
of information collect and gain
96
consumer consent
consumer consent to selsellI their
their data.
data.96 Had gone into effect,
Had it gone privacy rule
effect, the privacy
would have required
would have ISPs to disclose
required ISPs disclose the types
types of information collect,
information that they collect,
97
the purposes
purposes for which
which the data are used, used, and whatwhat information
information they share. 7
they share.9
98
Beyond
Beyond the purview
purview of of ISP regulation,98
regulation, the FTC
FTC has been leading
been the leading
advocate consumer privacy,
advocate for consumer privacy, issuing
issuing overover 170 privacy complaints against
privacy complaints against
99
companies for
cornpanies for privacy
privacy violations.99
violations. The FTC FTC derives
derives its authority from Section
authority frorn Section
5 of
of the
thc Federal
Federal Trade
Tradc Commission
Commission Act Act to prohibit
prohibit “unfair dcceptive acts or
"unfair or deceptive
practices.” 1
ºº
practices." 101' Under
Under this authority,
authority, the FTC targets an array
FTC targets array of commercial
of commercial
privacy practices. For
privacy practices. For example,example, the FTC
FTC entered
entered into a consent
consent decree
decree with
Snapchat after
Snapchat after the agency
agency learned
learned that the company company stored messages
stored messages on its
101
servers,
servers, despite
despite its claims
clairns that those
those messages
rnessages would disappear.'01 As part of
would disappear.
the consent
consent decree,
decree , Snapchat
Snapchat agreed
agreed to submit
submit to twentytwenty years
years of monitoring to
of monitoring
102
ensure it did not deceive
ensure deceive customers.
customers. "L The FTC has entered similar
entered into similar
consent
consent decrees
decrees with
with Facebook,
Facebook, when
when in its early
early days the
tbe company
company did not
103
adhere
adhere to its own own privacy
privacy policies,1 apps
policies, 03 as well as other apps whose privacy
other whose privacy
policies
policics are deceptive opposed to merely
deceptive (as opposed merely vague lawyerly , as is the
vague and lawyerly,
, 104
104
norm).
nonn).
The FTCFTC has also, on occasion,
occasion, moved against data brokers.
moved against 2006, a
brokers. In 2006,
data broker
data broker was
was ordered
ordered to pay civil penalties
penalties after
after the FTC
FTC alleged
alleged that it
96. Brian Fung

Brian Fung & Craig Timberg, Tite
Craig Timbcrg, The FCC Just 111 Sweepi11gNew
s t Passed Sweeping Ne111Rules To
Protect Your Online Onli11ePrivacy,
Privacy, WASH. (Oct. 27, 20
POST (Oct.
WASH. POST 2016), http: // www.washingtonpost.com /news/t he-
16), http://www.washingtonpost.com/news/the-
switch/wp/2016/10/27/the-fcc-just-passed-sweeping-new-rules-to-protect-your-online-privacy/
swi tch/w p/20 16/ I 0/27 /the -fcc- just-pa sse d-sweeping-new-rules-to-protect-your-onl ine-pri vacy/ (“But
(" But the
FCC may have littl
FCC littlee jurisdiction—or
jurisdiction - or appetite—for
appetite - for regulating
regulating the data practices of
data practices of individu
individualal Web
companies; Wheeler has repeatedly
companics; Wheeler repeatedly declined
declined to extend
extend new regulations
regulations to the sector.”).
sector.").
97. Id.
98. Cf. Report and Order
Cj. Repon Order on Remand,
Remand, Declaratory
Declaratory Ruling,
Ruling , and Order,
Order, In the Matter
Matter of
Protecting
Protecting and Promoting
Promoting the Open Open Internet, F.C.C. Red.
Intern et, 30 F.C.C. Red. 5601,5609-10
5601 , 5609-10 (20 (2015)15) (“The Intern et
("The open Internet
rules . ... . apply
rules apply to both both fixed
fixed and mobile
mobile broadband
broadband Internet
Internet access . . . '[B]roadband
service .....
access service Internet
‘[Broadband Internet
access service'
access service’ (BIAS)
(BIAS ) . ... . is defined
defined to be: A mass-market
mass-market retail service by wire or radio
retail scrvice radio that provides
provides
the capabi
capability
lity to transmit
transmit data receive data
data to and receive data from aallli or substantially
substantially ali Internet endpoints.
all Internet endpoints,
including
includin g any capabilities
ca pabiliti es that
that are incidental
incident al to and enable
enable the operation
opcration of the comm communications serv icc,
unicat ions service,
but excluding
exclud ing dial-up Internet access
dial -up Internet access service.
service. This
This term
term also encompasses
encompasses any service service that the
Commission
Commission finds finds to be providing
providing a functional
functional equequivalent
ivalent of the scrviceservice described
describcd in the previousprevious
sentence, or that
sentence, that is used to evade evade the protections
protections set forth
fo1th in this Part.”
Pan. " (emphasis removed)).
(emphasis removed)).
99. Daniel
Daniel JJ.. Solove
Solove & Woodrow Hartzog, The FTC and ihe
Woodrow Hartzog, Common Law of
the New Co111mo11 of
Privacy, 114 COLUM.
Privacy. COLUM.L. L. R 583, 600, 610 (2014).
ev . 583,600,610
REY. (2014).
100. 15
15 U.S.C.
U.S.C. §§ 45, 52 (2012);
(2012); see Andrew Scrwin , The Federal Trade
Andrew Serwin, Commission
Trae/eCommission
and Privacy: Defining
Dejining Enforcement
E11force111e111 and Encouraging
E11co11raging the Adoption Practices , 48 SAN DIEGO
Adoptio11ooff Best Practices, DIEGO L. L.
REV. 809,
REY. 809,8811 11 (2011)
(20 11) (tracing
(tracing the FTC’s
FTC's evolving
evo lvin g role in the enforcement
cnfor cement of consumer protection).
cons um er protection).
101.
1O l. Electronic Privacy
Electronic Privacy Information
lnformation Center,
Center , In re: Snapchat (last
/11 re: (last visited
visited Apr. 1,
2017), http:
2017), http://epic.Org/privacy/intemet/ftc/snapchat/#response.
//e pic.org /privacy / internet / ftc/s napchat /ltresponse.
102. Brett Malina,
Brett Molina, Snapchat Settles Comp/aim with FTC, USA TODA
Se11lesPrivacy Complaint TODAY Y (May
8, 20
2014), http://www.usatoday.com/story/tech/2014/05/08/snapchat-ftc/8853239.
14),http://www.usatoday.co m/story/tec h/20 14/05/08/s napchat -ftc/8853239.
103. Press
Prcss Release,
Release , Federal
Federal Trade
Trade Commission,
Comm ission , Facebook
Facebook Settles
Settles FTC Charges
Charges That It lt
Deceived
Deceivcd Consumers
Consumers by Fai Failing
ling To Keep
Keep Privacy
Privacy Promises
Promises (Nov.
(Nov. 29,29, 20 2011), http: //www.ftc .gov/news-
11), http://www.ftc.gov/news-
events/press-releases/2011/11/facebook-settles-ftc-charges-it-deceived-consumers-failing-keep.
events/press-re leases/201 1/ 1 l /face book-settles-ftc-charge s-it-decei ved-consumers-fai Iing-keep.
104. See FTC Data Brokers, 11pranote 4.
Brokers ,ssupra at 42.
4, at42.
681
Yale
Yale Journal
violated the FCRA

violated FCRA by furnishing
furnishing credit
eredit reports subscribers. 105 More
reports to subscribers.105 More recently,
recently,
in 2015, the FTC charged data broker
FTC charged broker Sequoia
Sequoia One with “knowingly
"knowingly selling
selling the
financia! information
financial information of applicants
applicants for payday
payday loans to a scam operation
operation that
took millions
took millions of dollarsdollars from consumers
consumers by debiting
debiting their
their bank
bank accounts
accounts or
16
charging their
charging their credit
credit cards
cards without
without their consent." º
their consent.”1 06
However, these
However, thcse actions
actions reflect
reflcct the outer
outer bound
bow1d of the FTC’s
FTC's authority
authority to
check
check the activity
activity of data brokers.
data brokers. The FTC may only pursue
FTC pursue action
action against
against (1)
commercial activity
commercial activity that violates
violates existing
existing law, or (2) activity
activity that involves
involves the
07
broker knowingly
broker knowingly facilitating
facilitating crimes.1
crimes. ' 07 The recent
recent FTC brokerbroker report
report
highlights the agency’s
highlights agcncy's limited
limited jurisdictional
jurisdictional reach—the
reach - the FTC can “only"only call for
transparency and accountability,
transparency accountability, they cannot mandate it without
cannot mandate without supporting
supporting
18
legislation."
legislation.” 108º In the case of the sale of consumer
consumer data to otherother consumers,
consumers, the
FTC would not
FTC would authority or justification
not have the authority justiftcation to allege
allege unfair
unfair business
business
practices or any other
practices other statutory
statutory violation
violation
Contractual Restrictions
D. Contractual Restrictions on the Sale ooff Digital Information
Digital Information
obstacle to the selling

One legal obstacle selling of information
information to individuals
individuals stems
stems from
certain contractual
certain contractual agreements
agreements that individual
individual companies
companies may require
require when
when
they sell data
data to brokers.
brokers. The FTC reportreport noted
noted that companies
companies that sell data to
broker "may also prohibit
brokers “may prohibit data
data brokers
brokers from re-using
re-using or re-selling
re-selling data without
without
pennission; decoding
permission; decoding or reverse
reverse engineering
engineering the thc data;”
data;" or require
require “a"a written
written
agreement affinning
agreement affinning that the data broker
broker will only use the data for a specified
specified
1
purpose." 1º099 However,
purpose.” However, state
state and federal
federal statutes
statutes do not require
require these
110
protections , which
protections, which buyers
buyers or sellers
sellers self-impose
sclf-impose on an individual
individual basis.11
basis. 0
III
III.. The Threat
Threat of Relational Control
ofRelational Control
This Part introduces

introduces the concept
concept of relational
relational control
control and explains
explains both (i)
how
how the sale of personal information to individuals
of personal information individuals can be harmful
harmful and (ii) why
the sale of
of consumers’
consumers' data will likely
likely expand
expand in the coming
coming years.
105. Stipulated Final Judgment

Stipulated Judgment and Order Order for Civil Penalties.
Penalties, Permanent
Permanent Injunction,
lnjunction ,
and Other
Other Equitable
Equitable Relief,
Relief , United States v. Choicepoint
Choicepoint Inc.,lnc. , No. l:06-cv-00198-JTC
1:06-cv-00198-JTC (N.D.
(N.O. Ga. Feb.
15, 2006),
15, 2006), http://www.ftc.gov/sites/default/files/documents/cases/2006/01/stipfinaljudgement.pdf.
http://www.ftc.gov/si tes/defau lt/fi les/doc uments /cases/20 06/0 1/sti ptinalj udgement .pdf.
106. Staff. FTC Cites 2015
CQ Roll Call Staff, 2015 Successes
Successes in Privacy,
P1fracy, Data Security
Security Actions.
Actions,
2016 WL 2759289
2759289 (Apr. 6,2016).
6, 2016).
107.
107. Cf. Lipman,
C/. Lipman, supra
suprn note
note 12,
12, at
at 790 (“If
("Jf users do not
not do their homework
homework on what
information their
information thcir apps are collecting
collccting about them,
them , and the app makers
makers are not foolish enough
enough to outright
lie about
about what they are doing, doing. the FTC’s
FTC's ability to control how companies
companies share
sharc our data is very
limitcd.'').
limited.”).
108. Id. at 789 (emphasis
(cmphasis removed).
removed).
109. Brokers, supra note 4, at 17.
See FTC Data Brokers, 17. For
Far more on how these contractual
contractual
prnvisions could be useful
provisions use ful hooks to prevent
prevent relational
relational control,
control, see
sec infra Part V.
110. Emily Steel, Disparate NeMork o0JC0111panies
Disparate Network f Companies Is Difficult
Dijficult To Bring to Heel.
Nee/. FIN.
FIN.
Ttvms
T im es (June 12, 2013, 2013, 8:118: 11 PM), http.7/www.ft.com/intl/cms/s/0/a0cb7b5e-d343-lle2-b3ff-
http ://www.ft.co m/intl/cms/s/0/aOcb7b5e-d343- I Ie2-b3ff-
00144feab7de.html.
00144feab7de .html.
682
682
New Privacy
A New Privacy Harm
Harm
There may be legitimate

There legitimate reasons
reaso ns why a person would want
person would records
want to buy records
another’s digital
of another's digital activity,
activity, whether
whether to use as a screening mechanism or to
screening mechanism
increase transparency.
increase transparency . However,
However , these possible benefits are not central
possible benefits central to this
Note’s
Note 's inquiry. This Note
inquiry. This Note highlight
highlightss a particular
particular problem—relational control -
problem - relational control—
that may accompany
accompany the sale
sa le of consumer
consumer data
data to individual
individual buyer
buyers.s.
The premise of relational
premi se of relational control
control proceeds assumptions . First,
proceed s from two assumptions. First,
certain informational
certain informational advantages
advantages have powerful
powerful effects members of
among members
effects among of the
same social
socia l or professional
professional network.
network . Second,
Second , these types of information eitber
information either
111
are
are 111 or will soon be avaavailable
ilable for lega
legall purchase.
purchase.
Informational Asymmetries as Tools far

A. Informational Social Influ
fo r Social ence
Influence
Information drives
Information human society.
driv es human society. The need for information information is why
112
intelligence gathering
intelligence gathering is an essential
essential tool
too! of statecraft.11-
statecraft. Even
Even outside of the
national security realm,
national security realm , however,
however , all
ali human actions are influenced
human actions influenced by a wide
array of factors
factors and variables,
variables, many of of which
which are arc indiscernible
indiscernible to both the
113
decision
deci maker and observer.11’
sion maker observer. Nevertheless,
Neverthel ess, the individual ca
tbe more an individual cann
access
access relevant
relevant data,
data , the more easily
easily that individual actions of
predict the actions
individual can predict
another
another person or group.
Not ali
Not all information
inforn1ation is useful.
useful. A link to a person’s Facebook page or public
person 's Facebook
Twitter profile
Twitter profile may not prov provide
ide hidden
hidd en behavioral opportunity to
insights or the opportunity
behavioral insights
114
influence
influ However,, information
encc . 114 However information that reveals
reveals a person's
person’s private activity can
prívate activity
help explain
explain that person’s
person 's interests
interests and observable
observable behaviors. ctment
behaviors. In the current
digital climate, myriad
digital c limate , myriad data types
types can provide
provide insights about the se
these private
dynamics.
dyn amic s.
In the aggregate,
aggregate, social network
network data can revea! “underlying social
reveal the "underlying social
processes
proces ses that drive network
network dynamics,
dynamics , such as the tendency rcciprocity ,
tendency for reciprocity,
115
transitivity,
tran sitivity , or the need for group group balance
balance .."” 1b A specific person 's social
specific person’s social
111.
111. ThereTh ere are no 110confirmed
confirm ed reports
reports in the UnitedU11 ited States
States of user
sellin g user
of brokers selling
purchase
purchase history,
hi story , browsing
browsi11gdata, or other sensitive i11formati on to individual
sensiti ve information consumcrs.
indi vidual consumers.
112. See, e.g., SUN SUN Tzu,Tzu, THE THE ART OF OF W WAR (Lionel
ar (Lio 19 10),
tra11s., 1910),
nel Giles, trans.,
http://classics.mit.edu/Tzu/artwar.html
http://classics.mit.edurrzu /artwar. html (“Hence (" Hence the saying: If you k11ow know the enemy and yourself ,
k11owyourself,
and know
you need
need not fear the result of a hundred battles. If l f you know yourself
yourself but not 1101the enemy, for every
victory
victory gained you will will also suffer
suffer a defeat. If lf you know neither yourself,, you will
11eithcrthe enemy nor yourself will
succumb in evcryevery battle.”).
battle.").
113. See, e.g.,
e .g., KATHLEEN
KATHLEEN M. GALOTTI, MAKING DEC1S10NS
MAKlNG DECISIONS MATTER: HOW
THAT MATTER: How
P eople F
PEOPLE ace Important
FACE MPORTANTL FE C
LIife hoices 67 {2005)
CHOICES (2005) (“People
{'' People do not havehavc direct introspective access to
intro specti ve access
manyy of
man of their higher order cognitive
cognitive processes.
processes. That is, they don't don ' t always know why they feel or think think
the way that they do.”) do.") (internal
(interna ! reference omitted);
reference omi ttcd); Ci Cindy
ndy Dietrich, Decision Making:
Di etri ch. Decision Making: Factors that
Influence Decision
lnf/uence Decision Making
Making,, Heuristics Used, and Decision Outcomes,
ll euristics Used, Outcomes , 2 INQUIRIES
1 QUIRIESJ. J. 1-2 (2010)
(20 10)
(surveying
(survey ing psychological research on human
psychological research human decision making). making) .
114.
114 . But see Ashley Feinberg, This Is Almosr
B111 Almost Certainly James Comey Comey's T,vitter
's Twitter
Account,
Account , GlZMODO
GIZMODO(Mar. 30, 20 2017). http://gizmodo.com/t his-is-almost-ccrtai11ly-j ames-comey-s-tw i1ter-
17), http://gizmodo.com/this-is-almost-certainly-james-comey-s-twitter-
- l 79384364 1.
account-1793843641.
accou11t
115. Arun Sundararajan
Sundararajan et al., Research Research Commentary, lnformation in Digital,
Commentary, Information
Economic,
Economic, a11d and Soc
Social ,vorks , 24 INFO.
Networks,
ial Net INFO.SYS. 883 , 895(20
SYS. RES. 883,895 13).
(2013).
683
Y ale Journal
network data can similarly

network similarly map that person’s interactions 116-co nversations ,
person 's interactions"6—conversations,
117
rivalries, romantic
rivalries, romantic interests,
interests, and bitter pasts."'
pasts. An individual’s
individual 's browsing
browsing data
can revcal
reveal what causescauses that person
person to feel joyful
joyful or stressed,
stressed, as well as what
person reads,
that person reads, watches,
watches, plays,
plays , or listens
listens to for information,
information, levity,
levity , and
118
distraction. These
distraction. These data capture
capture compulsions,
compulsions, neuroses,
neuroses , and lusts,1
lusts, 18 and help
119
revea! personality
reveal personality flaws and strengths."4
strengths. Biometric data provide
Biometric provide even more
granularity: wearable technology
granularity: wearable technology can capture capture sleep cycles,cycles, the frequency
frequency of
sexual activity,
sexual activity, exercise
exercise patterns,
pattems, and heart
heart rate responses
responses over time—atime-a record
peoplc 's bodies
of how people’s bodies respond
respond to the joys, joys, frustrations,
frustrations, curiosities,
curiosities, and
. . of
mmuttae
minutiae o fdday-to-day ¡·e
ay-to- d ay life.1
11e.120
20
While the effects
While effect of covert
covert access
aecess to these thcse data types has not yet been
studied, scholars have
studied, scholars havc explored
explored how someonesomeone with a favorable favorable access
access to
information advantaged in a variety
information are advantaged variety of contexts. Researchers studicd
eontexts. Rescarchcrs studied email
traffic in a recruiting
traffic recruiting firm, finding
finding that “access
"access to information
information strongly
strongly predicts
predicts
the number
number of projects
projects completed
completed by each individual
individual and the thc amount
amount of revenue
revcnue
that person generates." "1211 Information
person generates.” Information accessacccss can also provide provide means
means to
devclop
develop productive
productive relationships.
relationships. In experiments
experiments that simulated
simulated
communication between
communications between negotiators,
negotiators, researchers
researchers found that bargainers bargaincrs used
"informat ional and relational
"informational relational messages
mcssages to establish
cstablish a positive
positivc social tenor
tenor in the
thc
interaction," which
interaction,” which facilitated
facilitated more efficient negotiations. 122
efficient negotiations.1 22 Scholarship
Scholarship has
also explored
explored how informational
informational asymmetries
asymmctries provide provide advantages
advantages that can
un d ermme
undermine e f...:
. efficiency .
11c1ency m
in mar kets 123
. markets1 an d influence
23 and . fl uence both
111 . hi ps 124
bot 11 peer relationships1
re 1at1ons an d
24 and
125
broader social
broader social networks.1
nctworks . 25
116. See, e.g., Jure Leskovec,

See, Circ/es: Facebook
Le,kovec, Social Circles: Facebook (last visited Feb. 18. 2017), 2017).
http://s
http nap.stanford.edu/data/egonets
://snap .Stanford .edu/data/egonets-Facebook
-Facebook .htm I. 1.
117. Grcgory Ferenstein,
Gregory Predicting Love
Ferenstein , Predicting Love and Breakups
Breakups with with Facebook
Facebook Data,
Data,
1ECIICRU
TEC hC runch CH (Feb. 14, 2014),
2014) , http://techcrunch.com/2014/02/14/facebook-love-data/.
http://techcrunch.com /2014/02/14/facebook-love-data/.
118.
118. See, e.g., Wolfie Christl & & Sarah Spiekermann, Networks ooff Control:
Spiekermann. Networks Control: AA Report
on
0 •1 Corporate Surveillance,
Corporate S11rvei/la11ce, Digital
Digital Tracking,
Tracking, Big Big Data
Data & & Privacy
Privacy 12-17 (2016), (2016),
h:tp://www .pri vacy lab.at/wp-contcnt/uploads /20 16/09/Christl-Networks _ K_o. pdf.
h:tp://www.privacylab.at/wp-content/upIoads/2016/09/Christl-Networks_K_o.pdf.
119. Jones , 565 U.S. 400,
Cf. United States v. Jones, 400,415
415 (2012) (Sotomayor.
(So tomay or, J., concurring)
concurrin g)
(::.rguing that access
(arguing access to GPS data enabled cnabled the state to learn of any citizen’s
citizen', “trips
"trips to the psychiatrist,
p,ychiatrist, the
pp.astic surgeon, the
astic surgeon, lhe abortion
abortion clinic,
clinic, the AIDS treatment
treatment center,
center, the strip club, the criminal
criminal defense
defense
attorncy, the by-the-hour
attorney, by-the-hour motel,
motel , the
rhe union meeting,
meeting. the mosque,
mosque, synagogue
synagogue or church,
church. the gay bar and
on and on” on" (internal
(interna ! citations
citations omitted)).
omitted)).
120.
120. See, e.g., Sarah Kellogg,
See, E1•ery Breath
Kellogg. Every Breath YouYou Take:
Take: Data
Data Privacy
Privacy and
ami Your
Your
Wearable Fitness
Wearable Fitness Device,
Device. 72 J. Mo. B. B. 76 (2016).
76(2016).
12 l.
121. Ara! et al„
Sinan Aral Productivity Effects
al., Productivity Effects ooff Information
!11J
or111atio11 Dijf11sio11
Diffusion in
in Networks
Nerworks I1
(MIT Sloan Sch. of Mgmt. Working
Working Paper No. 4683-08,
4683-08, 2007),
http: //dspacc.mit.edu/bitstrcam/handle/l 721. I /65404/SSRN-id I085354.pdf.
http://dspace.mit.edu/bitstrcam/handle/1721,1/65404/SSRN-id 1085'.l54.pdf.
122. Joydecp Srivastava &
Joydeep Srivastava & Dipankar
Dipankar Charkravarti, Channe/ Negotiations
Charkravarti, Channel Negotiations withll'ith
btfor111atio11
Information Asy111111erries:
Asymmetries: Co11ti11ge111
Contingent !11jlue11ceo0JC01111111111icatio11
Influence f Communication and a11dTrustworthiness
Trus1worthi11ess Reputations.
Reputations. 46
J. MMARKETI
arketing R es . 557 (2009).
GRES.
123. See, ee.g
See, g .,.• Antonio
Antonio Cabrales
Cabrales et el a].. llidden Information.
al.. Hidden !11for111atio11, Bargaining Power,
Bargaining Power, anda11d
E[ficiency:an Experiment,
Efficiency: Experi111e11t, 14 EXP. ECON. 133,
14 133. 134 (2011)
(20 11) (describing
(describing how “the "t he theory
thcory of markets
markets with
asymmetric information
asymmetric information has been becn a ‘vital
'vital and lively
livcly field of economic
cconomic research,’"
research:·· which has observed
observed
asymmetric information
"that asymmetric information led to economic
cconomic inefficiency,
inefficiency. and could
could even
e ven destroy
dcstroy an efficient
cfficicnt market"
market"
(irtemal references
(internal references omitted));
omitted)); id. id. at
ar 134-37 (reviewing
(rcviewing existing
exis ting scholarship
scholarship on informational
informational
684
684
A New
New Privacy
Privacy Harm
Harm
This Note’s
Thi s Note opening
's op ening hypothetical
hypothetical illustrates
illustrates how asymmetric access to
asymmetric access
information about another’s habits
information about another ' s habits can change
change the trajectory
trajectory of conversations
conversations,,
affect what
affect what people
people think
think and fcel
feel,, and influence
influence a target’s decisions about
target ' s decisions
whom to hire
whom hire.. This
This is not the only
only possible cxample - an informational
possible example—an informational edge
can givc
give an individual
individual the capacity
capacity to nudge, manipulate , and ultimately
nudge , manipulate, ultimately exert
, , . d . . s. 126
control over another
contro 1over anot her person’s group’ss major
person s or group ec1s10n . 1-6
maJor decisions
Suggestt Private Consumer lnformation

B. Factors that Sugges Information Wilt Availableefor
Will Be Availabl for
Indi vidual Purchase
Individual
Relational control
Rclational control is premised
premi sed on the availability
availability of one’s prívate ,
one ' s private,
127
information being
information being available purchase by individual
available for purchase consumers . ~ This
individual consumers.
128
information
information is already being sold.
already bcing sold.1 2* As previously
previously discussed,
discussed, brokers
brokers in other
countries have
countries have begun selling consumer
begun selling consumer data that was not already publicly
already publicly
129 130
available Little prevents
availablc . 129 Little prevents U.S. brokers
broker s from
from soon doing same.. 130
doing the same
addition,, severa!
In addition several other factorss suggest
other factor information sold
suggest that the types of information
in the incipient
incipient people search market
people search market will increase over the next few years,
incre ase over years ,
further exposing
further exposing consumers
consumers to a relational control threat. These
relational control These factors should
factors should
significant concerns
raise significant concerns for privacy
privacy scholars
scholars,, lawmakers, consumers .
lawmakers , and consumers.
asymmetries
asymmctri cs in business business relationships);
relationship s); JamesJames E. Parco. Parco, Price-Setting
Price -Se1ti11g Power
Power and lnjormatio n
and Information
Asymmetry
Asy 111111etry in Sea
Sealed Bidding,
[ed Biddin g, 27 M MANAGE.
anage . D ecis . E
DECIS. con . 413 (2006).
ECON.413
124.
124 . See, e.g.,
See, e .g ., Cyril Tomkins.
Cyril Tomkin s, Interdependencies,
ln terdep e11de11c ies , Trust
Tm st and Information ation in
lnf or 111
Relationships,
Relationship s, Alliances
Alliances and Networks Networks,, 26 ACCT., ÜRGS. ORGS. & & SOC’Y n.10, 166-67 (2001)
16 1, 166 n.10,
Soc ' Y 161,
(describingg the
(describin the relati
relationship between information
onship bctween access and
infarmati on access and trust
tru st development in social networks, and
the challenges
chall enges posed by infa information asymmetries);
rmati on asymmetri es); Nermin Eyuboglu & Osman Osman A. !11formational
A . Atac, Informational
Power:
Po,ve Means
r: A Mea ns fo r Increased
/11c reased Control in Channels
Channe/s o off Distribution,
Distrib111io11, PSYCHOL. M ARKETING (1991)
PSYCll OL. & MARKETING ( 199 1)
125. See, ee.g.,
See, .g .. Nicoleta
Ni coleta B alau & Sanj
Balau Sonjaa Utz,
Utz, Exposing Information
ln fo rmation Sharing
Sharin g as
as Strategic
B ehavior; Power as
Behavior: as Responsibility
Responsibilit y and "Tru “Trust"
st" Buttons,
Butt ons, 46 J. J. APPLIED
APPLIED Soc. PSYCHOL. 593 (2016);
Soc. PSYCHOL.
Jeong Hwang et al. Information
al.., lnf or111 Asymmetry,
atio11 Asym111 Social
etry , Soc ial Networking
Networ king Site
Sit e Wordof
Wordof Mouth, Mobilityy
Mouth , and Mobilit
Effects 011
E.ffects on Soc
Socialial CoCommerce
mm erce in Korea Korea,, 17 CYBERP B EHAV. &
SYCI-IOL., BEHAV.
CYBERPSYCHOL., & SOCIAL NETWORKING
NETWORKING 117 117
(2014).
(20 14) .
126. Cf.
Cj. R
RICll
ichardARD H.H. T haler & C
THALER ass R. S
CASS SUNSTE
unstein IN,, N udge ; ITMPR
NUDGE: ECISIONS
OVING D ecisions
mproving
A bout
BOUT H EALTH,, W ealth
1-Iealth EALTH,, ANDand H 1-IAPPI NESS(2009) (arguing
appiness (arguin g on 0 11 a macro levelleve) that experts
experts can off er
can offer
certain architectures that drasti
cen ain choice architectures drastically affectt consumer decision
call y affec maki ng).
decision making).
127. While
Wh ile not the the focus
facus of this thi s Note, the thc possibility
possibilit y of individuals
indi vidu als using their
professional roles to secure data on others
profe ssional roles others in their network
network should not be overlook ed, as
be overlooked, employe es at
as employees
both Facebook and the NSA NSA have, in the past, past , used their accessaccess to view the the data others not outside of
data of others
professional interest. See See Bruce Schneier,, Why
Bru ce Schneier Why Uher's
Ube r 's 'God‘God View'
View' Is Creepy,
Creepy, CNN (Dec. 4, 2014),
CN N (Dec.
http://www.cnn.com/2014/12/04/opinion/schneier-uber-privacy-issue/index.html
htt p://w ww .cnn.com/ 20 14/12/04/opini on/schneier-uber-priv acy-issue/ index.html (“In ('' In the early
earl y years
years of
Facebook, employees
Facebook , emplo yees had a master password that enabled them to view vi cw anything
anythin g they wanted in any
account. NSA employees occasionallyy snoop on thcir
empl oyees occasionall their friends
fri ends and
and partners. The agency even
partn ers. The even has name
has a name
for
far it; LOVEINT.”).
it: L OVETNT .").
128.
128 . See GAO Information
See lnf or111ati Resellers,
o11 Rese llers , supra notenote 39, at 3-4 (describing
(describin g public and
publi c and
proprietary
propri etary data flows for people search services in the
fl ows far the United States).
Unit ed States).
129. See
See supra notesnotes 2-3.
130.
130. See ge
generally
nera l/y supra
rnp ra Part 11 II..
685
Vol.34,2017
Expansion of
1. The Expansion ofData
Data (and Data Holders)
Holders)
With each digital advancement

advancement over ovcr the
thc past 30 years—from
years - from internet
intcrnet
acccssible personal
accessible personal computers, smartphoncs, 131
computcrs , to smartphones,1 31 to wearable
wcarable technologies,
technologies,
and now automated assistants 132- both the
automated personal assistants132—both thc type and amount
arnount of data
that consumers
consumers produce has increasedincrcased dramatically.
dramatically. A similar
similar expansion
expansion has
occurred
occurred with rcspect
respect to the number
number of entities—
entities - including
including ISPs, websites,
ISPs , websitcs,
domains, applications,
domains, applications , internet-connected
internet-connectcd devices,
devices, and brokers—that control 133
brokers - that control1 33
34
sell 1 4 this data.
and sell1 data . These trends suggest
suggcst that consumers
consumers mayrnay soon be able
ablc to
purchasc many new
purchase ncw types of personal
personal data.
lnformation Is Cheap
2. Information
brokers make hundreds

While data brokers hundrcds of millions
millions of dollars
dollars in annual
135
revcnues
revenues,, buying personal data in bulk is astonishingly
astonishingly inexpensive.1"
inexpensive. Basic
information about a person’s
information person 's age, gender,
gcndcr, and location
location is worth
worth a mere $0.0005
pcr person. 136 More targeted
per targetcd commercial
commcrcial information—such
information -s uch as persons
pcrsons looking
purchasc a car or a vacation—
to purchase vacation-is is only marginally
marginally more expensive
cxpensive at $0.0021
pcrson . 1377 Marketcrs
per person.1 Marketers will pay $0.11 to know that a woman is pregnant pregnant and
138
sccond trimester.1"
in her second trimester. While the cost of data increases
incrcases with the intimacy
intimacy of
thc infonnation
the information, , the prices pcr person remain
per rernain low—
low-$ $0.26
0.26 per person will buy
access to lists of people with specific health conditions conditions or taking certain
13 1. See GAO Information

131. l11/ormatio11Resellers,
Rese l/ers . supra note 39, at 22.
132 . See, e.g., Ingrid
132. ln grid Lunden,
Lunden , Google
Goog le Assistant,
Assistant, its Al-based
Al-based PersonaI
Perso nal Helper,
He/per, Rolls
Ro/Is
cut
out to Nougat
Nougat and Mar shmallow
Marshmallow 1/andsets.
Handsets, TECIICRUNCH
TECHCRUNCH (Feb.
(Fcb. 26, 2017),
2017),
http://techcrunch .com/2017 /02/26/goog le-assista nt-its-ai-bascd- personal-helper-ro lls-o ut-to-nougat-and-
http://techcrunch.com/2017/02/26/google-assistant-its-ai-based-personal-helper-rolls-out-to-nougat-and-
rnarshmallow-han dsets (describing
marshmallow-handsets (descr ibing the company’s
company's “answer
"a nswe r to Apple’s
Apple 's Siri and Amazon's
Arnazon's Alexa”).
Alexa").
133 . The proliferation
133. prolifcration of data controllers
controllers is modeled
model ed compellingly
compellingly by theDataMap.
theDataMap , a
-esearch project
research project in Harvard
Harva rd University’s
Un iversity"s Data Privacy Lab. See, e.g.. e.g., Survey
Survey oo/f Popular
Pop ular Free Apps,
Apps,
THEDATAMAP
t (accesscd Apr. 18, 2017),
h e D a t a M a p (accessed 2017), http://thedatamap.org/mobile2014/apps.php.
http: //thedatamap.or g/mobile2014 /a pps.php.
134. e.g .. Brian
See, e.g., Bria11Naylor,
Nay /or, Firms Are A re Buying,
Buy ing, Sharing
Shari11g Your Online
011/i11eInfo.
In/o. What
Wltat Can
Ca11
Vou
^ou Do Abou t
About lt ?,
It?, NPR
NPR (July 11,
11, 2016),
2016),
http ://www .npr.or g/sec tions/a lltech considered/ 2016 /07 / l l /48557 1291/finns-are-buying-sharing-your-
http://www.npr.org/sections/alltechconsidered/2016/07/ll/485571291/firms-are-buying-sharing-your-
online-i nfo-what-can-yo u-do-abou t-it (describing
online-info-what-can-you-do-about-it (desc ribin g the observations
observatio ns of former FTC Commissioner
Commissioner JulieJulic
Brill, who noted that companies
Brill, companies the vast amount amo unt of information
infonnati on that companies
co mpan ies shared
sharcd with each
eac h other,
including “what
including "wha t Web pages we visit, where we’re we're shopping,
shopping. whowhu we’re
we're interfacing
intcrfacing with on social
media-ali of that information
media—all information is available
availab le to be collected
co llccrcd by entities
entities that park themselves
themselvcs on the thc various
websites"): Meta S. Brown,
websites”); Brown. When and Where To 7o Buy Consumer
Consu111erData (And 12 Companies
(And 12 Companies Who Sell It), lt) .
FORBES(Sept.
FORBES (Sept. 30,
30. 2015),
2015), http://www.forbes.com/sites/metabrown/2015/09/30/when-and-where-to-buy-
http://www.forbes.com/sitcs/metabrown/20 15/09/30/when-and-whcrc-to-buy-
consumer-data-and- 12-eornpanies-who-sell-it/#6d 19b0e73285:
consumer-data-and-12-companies-who-sell-it/#6d l 9b0c73285: GAO Information
l1,jormati o11Resellers,
Rese llers. supra
supra note
39. at 22-27.
135. See , e.g.,
See, e.g .. Emily Steel,
Stccl. Companies
Companies Scramble
Scra111b/efo Jorr Consumer
Conswner Data,
Data , FIN.
FIN. TtMES
TIMES
(June 12,12. 2013),
2013), http://www.ft.eom/cms/s/0/f0b6edc0-d342-l
http://www.ft.co m/cms/s /0/fUb6edcO-d342-l Ie2-b3ff-00144feab7de.html;
le2-b3ff-00144feab7de.html; Emily Steel, Steel.
Disparate Network
Disparate Netwo rk oojf Companies
Companies Is Difficult
Difficult To BringBrin g to Heel,
/-lee /, FIN. TIMES (June 12, 2013),
FIN. TIMES 2013),
l:ttp://www .ft.com/intl/cms/s/0 /aücb7b5e-d343- I Ie2-b3ff-00l44feab7de.html.
http://www.ft.eom/intl/cms/s/0/a0cb7b5e-d343-l Ie2- b3ff-OOl 44fea b7dc.html.
136. Steel. Financial
Emily Steel. Financia/ Worth
Wonh oo/f Data Comes in at Under a Penny Penny a Piece,
Piece , FIN.
FIN.
TTMES(June
TIMES (Jun e 12,2013),
12.20 13), http://www.ft.eom/intl/cms/s/0/3cb056c6-d343-l
http ://www .ft.co m/ intl/c ms/s/0/3c b056c6- d343- l Ie2-b3ff-00144feab7de.html.
Ie2-b3ff-OO l 44feab7cle.html.
137. Id.
138. Id .
Id.
686
A New
New Privacy
Privacy Harm
Harm
prescriptions.1139
prescriptions. 2*’9 Data
Data marketed
marketed to individuals significantly more
individuals is significantly expensive
more expensive
140
than bulk
bulk data
data purchases.14
purchases. 0 AndAnd while
while the price
price will likely
likely vary depending on
vary depending
whether
whetber the records
records are available
available publicly
publicly or purchased from proprietary
purchased from proprietary
sources,
sources, thus
thus far consumer records of
consumcr records of either
cither type have not been
type have been prohibitively
prohibitively
. "for
expensive
expens1ve .
ior interested
mtereste b uyers. 141
d buyers.1 41
Regulators Facc
3. Regulators Face Economic
Economic and
and Legal
Legal Roadblocks
Roadblocks
As noted
noted in Part II, there
there are fcw
few legal obstacles
obstacles to the purchase
purchase and sale
142
of
of most
most online activity.142 The United
online activity. United States’ scctor-by-sector approach
States' sector-by-sector approach to
privacy
privacy regulation
regulation leaves
leaves few general
general rules governing
governing what peoplc may do with
what people with
a * 143143
data.
data .
This
This legal context
contcxt seems
seems unlikely
unlikely to change soon. Not
change soon. Not only dramatic
only is a dramatic
shift of
sbift of U.S. federal
federal statutory
statutory law unlikely,
unlikely , but data sale is an enormous,
enormous, multi-
multi-
billion-dollar
billion-dollar industry that also provides
industry that provides many
many positive benefits - including
positive benefits—including tbe
the
many free services
many services that are offered online. Any
offered online. Any significant change to U.S
significant change U.S..
privacy law would
privacy implicate nearly
would implicate nearly every
cvery commercial
commercial industry constitute a
industry and constitute
significant
significant departure
departure from longstanding
from longstanding privacy law. Further,
U.S. privacy Further,
constitutional roadblocks may
constitutional roadblocks may stymie
stymie possible
possible interventions. Many First
interventions. Many First
144
Amendment scholars
Amendmcnt scbolars assert assert that data
data sale likely
likely constitutes
constitutes protected
protected speech,1
speech, 44
139. Id.
Id. The Financial
Financia/ Times released released a pricing
pricing calculator
ca lculator for a wide array ar ray of
information
inforrnation about about one’s
one's demographics,
dernographics, property,
property, family information , property,
family and health information, activities, and
prop erty, activities,
consumption
consumpt ion habits.
habits. Selecting
Selecting ali all possible
possible price tags yields roughly a rate of
yields roughly of $4.8449 person. See
$4.8449 per person.
Emily
Enüly Steel et al., at., How Much Is Your Personal Personal Data Worth?. FlN. TIMES
Worth ?, FIN. TIMES (June 12, 2013, 2013, 8:11 PM),
http://www.ft.eom/cms/s/2/927ca86e-d29b-l
http:/ /www.ft.com /cms /s/ 2/92 7ca86e-d29b- l Ie2-88ed-00144feab7de.html.
Ie2-88ed-00 l 44feab 7de.htrnl.
140. For cxarnp
For example, le , Everify.com charges users $$19.95
Everify.co111charges 19.95 for a premiurn
premium searc
search,h, in addition
addition
to a 19.95 monthlyrnonthly flat-usage
flat-u sage rate. See supra note 1. l. Spokeo
Spokeo charges $4.95 per month
charges $4.95 (quota -
rnonth for a (quota-
limited)
lirnited ) search
searc h of information
information that is collected co llccted from publicly publicly available sources . See SPOKEO,
available sources. SPOKEO,
http://www.spokeo.com/purchase
http:/ /www.spokeo.com/purchase?pid=3270475 ?pid=32704751121 I 121&q=Theodore+Rostow&type=name&url=%2FThe
&q=Theodore+Rostow&type=narne&ur1= %2FThe
odore-Rostow%2FTexas%2FSan-Antonio%2Fp32704751121.
odore-Rostow %2 FTexas %2 FSan-Antonio %2Fp32704751 l 2 l .
141. See Personal
Personal Data Data,, supra
supra note 3 (“fT]he ("fTJ he private
private information
information of many citize ns
rnany citizens
cann be freely purchased
ca purchased by stranstrangers
ge rs for just
just 700 yuan,
yuan, or $101$1 OI USD.”);
USO."); Sarkhel Alawadhi, supra
Sarkhel & Alawadhi, supra note
2 ("For anywhere between
("For anywhere between Rs 10,000-15,000
10,000-15,000 Jrough [roughly ly $$150-230 USD], we were offered
150-230 USO], personal data
offered personal
of upto I1 lakh
ofupto lak h [100,000]
[100 ,000] people
people in Bangalore,
Bangalore. Hyderabad
Hyderabad and Delhi.”).Oelhi.").
142. See, e.g., Neal Ungerleider,
Ungerleider, Yes Political Politica l Campaigns
Campaigns Follow Fol/ow Your BrowserBrowser
History,
His101)', F ast C ompany
FASTCOMPA Y (Nov.
(Nov. 5,2013,9:30
5, 2013, 9:30 AM), AM). http://www.fastcompany.com/302l092/yes-political-
http: // www.fastcompany.corn /3021092 /yes- political-
campaigns-follow-your-browser-history ("T
campaigns-follow-your-browser-history (“There
herc are few laws law s preventing marketing firms
preventing marketing working on
finns working
election campaigns
election campaig (or, for that matter,
ns (or, matter. selling
elling laundry)
laundry) from leveraging
leveraging publicly available
publicly avai census and
lable census
voter registration
voter regis tration data and cor correlating
relatin g it with thingsthin gs like, say,, purchased supermarket
like , say loya lty card
supermarket loyalty
analytics.”).
analytics.' ') .
143. See, e.g.,
e .g., GAO Information
Informa/ion Resellers,
Resel/ers, supra note 39, at 22; Data Brokers and
“People
"Peop le Search”
Search" Sites,
Sites, PRIVACY
PRIVACY RTS. CLEARINGHOUSE (Dec.
CLEARINGHOUSE {Dec. 16, 2016),
2016),
http://www.privacyrights.org/content/data-brokers-and-your-privacy
http: // www.privacyrights.org/content/data-brokers-and-your-privacy ("[ Tlh ere are no cu
(“[T]here current federal
rrent federal
laws
law requiring
requiring datadata brokers
brokers to maintain
maintain the privacy
privacy of consumer
co nsumer data unlessunle ss they use that data credit,,
elata for crcdit
employment,
emp loyment , insurance,
insurance, housing,
housing, or other other similar purposes
purposes...... . . No federal provides consumers
federal law provides consumers with
the right to correct inaccuracies in the data
correct inaccuracies data or assumptions
assumptions made brokers.” (internal
rnade by data brokers." reference
(interna! reference
omitted)).
omittecl)).
144. See, e.g., Jane Bambauer
Bambauer,, Is Data Speech, Speech, 66 STAN.
STA . L. L. REV. ("A
(2014) (“A
57, 106 (2014)
REY. 57.
corporation
corporation that generates
generates and subscqsubsequently
uently uses
use s or sells data,
data , even revenu e stream is
evcn if the revenue ancillary to
i ancillary
its primary
primary product
product or service,
service, has a cognizable
cognizable argument
argument that that it is in the business communications ,
business of communications,
and is therefore analogous to a traditional
thercfore analogous traditional press
press corporation.”); Eugene Volokh,
corporation."); Eugene Freedom ooff Speech
Volokh, Freedom Speech and
687
687
Yale
Yale Journal
Journal on
on Regulation
which
which could
could prevent
prevent legislation
legislation that
that aimed
aimed toto stop
stop brokers
brokers fromfrom selling
selling data
data to to
consumers.
consumers. While
While this Note proposes
this Note proposes a number
number of
of regulatory,
regulatory, tort, statutory,
tort, statutory,
and
and private
priva te law
law reforms
refonns that
that would help mitigate
would help mitiga te the
the threat
threat ofof relational
relational control,
control,
these
these are
are by
by no
no means
means simple
simple or or cure-all fixes.
cure-ali fixes.
4. Anonymization
Anonymization Is Nota
Is Not a Sufficient
Sufficient Solution
Solution
Finally,
Finally, relational control
relational control will will likely
likely become
become a more more significant
significant problem
problem
due
due to to the
the well-documented
well-documented problems
problcms associated
associated with
with datadata anonymization.
anonymization.
Commercial
Commercial entities
entities andand regulators
regulators often
often respond
respond to to consumer
consumer privacy
privacy concerns
concems
145
by attempting to remove all identifying
by attempting to remove ali identifying features
fcatures from
from a data data set.1
set. 45 These
These
efforts
efforts areare pervasive
pervasive in
in data
data transactions.
transactions. For
For example,
example, the
the H1PAA
HIPAA Privacy
Privacy
146
Rule requires
Rule requires thatthat health
health data
data be be anonymized,'46
anonymized, and
and it creates
creates a safe harbor for
safe harbor for
companies
companies that
that (i) (i) remove
remove from
from datasets
datasets eighteen
eighteen types
types of
of identifiers
identifiers
(including,
(ine luding , for for example,
example, names,
names, addresses,
addres es, IP addresses,
addresses, and
and social
social security
security
numbers) and (ii) also have “[n]o
numbers) and (ii) also have "[ n]o actual
actual knowledge
knowledge [that]
[that] residual
residual information
information
147
can
can identify
identify individuals].”
individual[s]." 147 Similarly,
Similarly, a vast
vast number
number of of companies,
eompanies, including
including
ban k s, 148
banks, ' credit
ct· car d s companies,1
ere 1t cards compames,
. 149 . .
44 anti-virus .,,
ant1-v1rus software,1
soitware,
150 l
711 telecommunications
te ecommumcat1ons
. .
t h emse 1ves sell se 11

companies,1
compames, . 151 ISP
51 ISPs,1 is2 .
s, ' internet
mtemet companies,15’
compames, . 153 an d data
and d ata brokers
b ro k ers themselves
/11
/ormation Privacy:
Information Pri1•ac_1•: The Troubling
Tro11bli11g /111pli
cmions ooff a Right
Implications Righr To Stop People fro111
from Speaking
Speaki11gAbout
Abour You.You.
52 SSTAN. REY.
ta n . L. R 1049. 1051
ev . 1049. 1051 (2000) (arguing that many privacy laws regulatingrcgulating the sale and disclosure
personal information
of personal infonnation are unconstitutional under existing First Amendment law).
145. See,
145. See, e.g., FTC Data
Dara Brokers,
Brokers. supra note 4, 4. at 14.
14.
146. See
146. See45C.F.R.pt. 164.514(b)-(c)(2002).
45 C.F.R. pt. 164.514(b)-(c) (2002).
147. O
147. ÜFFICE
ffice of OF CivtL
CIVIL R RIGIITS,
ights , G GUIDANCE
uidance R REGARDING
egarding M METIIODS
ethods for FOR D e
DE-
IDENTll~CATION
identification OFPPROTECTED
of rotected H HEALTll
ealth lNFORMATION
Information in INAACCORDANCE
ccordance with TIIEH
WITIIthe ealth IlNSURJ\NCE
HEALTll nsurance
PPORTABILITY
ortability and ANDA ACCOUNTABILITY
ccountability A ACT
ct (HIPAA) P PRIVACY
rivacy R RULE
ule 7-8, D ep ’t of
DEP'T OF H ealth & H
HEALTII HUMAN
uman
SSERVS
ervs .. (2002),
(2002), http://www.hhs.gov/hipaa/for-professionals/privacy/special-topics /de-
http://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-
identification/#standard.
identification/fstandard.
148. See, e.g., Jonathan Camhi, Barclays
148. Barc/ays Plans
Pla11sTo SellSel/ Anonymized Data to Other
A11011ymi-::.ed
Companies. B
Companies, BJ\
ank KTECJI
Tech (June 24, 24. 2013,
2013. 11:32
11:32 AM),AM). http://www.banktech.com/data-and-
http://www.banktech.com/data-and-
ana Iyt ics/barclays-p Ia11s-to-sel 1-anony mized-data-1o-other-com pan ies/d/d-idi 1296436
analyfics/barclays-plans-to-sell-anonymized-data-to-other-companies/d/d-id/1296436 (an noune ing
(announcing
Barclay's plans to sell
Barclay's ,ell aggregated
aggregatcd checking and savings account data to other private prívate companies and
govemment agencies).
government
149. See,
149. See. e.g.,
e.g .• Bernard Marr, American Express Charges into i1110the World
World ooff Big
Big Data,
DATAINFORMED
DATAlNFORMED (Jan. 13,
13. 2016, 5:30 AM), http://data-informed.com/american-express-chargcs-into-
AM), http://data-informed.com/american-express-charges-into-
world-big-data (describing new American Express business lines using customer cu,tomer data to recommend
tnird-party products to customers).
third-party customcrs) .
150. See, e.g..
150. e.g., James Temperton,
Tempcrton , AVG Can Sell Sel/ Your
Your Browsing and a11dSearch History
1-/istoryto
to
Ad1•ertisers.WIRED
Advertisers, WIRED(Sept. 18,2015),
18, 2015),http://www.wired.co. uk/article/avg-privacy-policy-browser-search-
http://www.wired.co.uk/article/avg-privacy-policy-browser-search-
AVG's updated policy to sell anonymized search
data (detailing AVG’s scarch and browser history).
151. See, e.g..
151. e.g., Bryan Clark, Comcast: ISPs Should Shou/d Be Able To Sell Sel/ Your
Your Web
Web History
/li sto!")'
Ad,•ertisers, TNW (Aug. 3,
to Advertisers, 3.2016, 1:09 PM),
2016, 1:09 PM). http://thenextweb.com/insider/2016/08/03/comcast-isps-
http://thencxtweb.com/insider /2016/08/03/comcast-isps-
should-be-able-to-sell-your-web-history-to-advertisers (reporting that AT&T had been
should-be-able-to-sell-your-web-history-to-advertisers bcen selling customer
data for over
overaa year);
year): Michael H., H .. AT&T Planning
P!a1111i11[i Sel/ Your
To Sell Your Anonymous
A11011ymous Usage
Usage Data
Dara to Advertisers.
Ad,wtisers .
PHONEARENA
PHONEARENA (July 3,3.2013,
2013, 9:37 PM). http://www.phonearena.com /news/AT-T-planning-to-sell-your-
PM) , http://www.phonearena.com/news/AT-T-planning-to-sell-your-
anonymous-usage-data-to-advertisers _id44890 (announcing AT&T plans to sell anonymized
anonymous-usage-data-to-advertisers_id44890 anonymi7cd customer
data).
152. Swati Khandelwal,
152. Khandclwal , ISPs
/SPs Sell
Sel! Your
Your Data to 10Advertisers,
Acfrerrisers, But
8111FCC Has a Plan To
Protect Privacy,
Protect Pri,•acy. HACKER
HACKERNEWS NEWS(Mar. 11, 11, 2016), http://thehackernews.com/2016/03/isp-sells-data-to-
http://thehackernews.com/2016 /03/isp-sells-data-to-
advertiscrs.html; supra note 57.
advertisers.html;
688
A New Privacy Harm
New Privacy Harm
data to other
other companies
companies afterafter stripping
stripping out personally
personally identifiable information
(PII)_ 154
(PII).154
However,, anonymization
However anonymization cannotcannot guarantee
guarantee that a person their
person is not tied to their
data, according
data , according to many
many computer
computcr scientists,
scientists, data analysts,
analysts, and privacy
privacy
155
scholars.'"
scholars. Surveys of common
Surveys common anonymization de-anonymization methods
anonymization and de-anonymization methods
reveal
revea! the ease with whichwhich computers
computers and humans humans can re-identify anonymized
re-identify anonymized
datasets.
dataset For data releases
s. For releases that are explicit (intentional, such as when
explicit (intentional, when
anonymized
anonymized and sanitized
sanitized datasets
datasets are sold)
sold) or implicit (unintentional, such as
implicit (unintentional,
156
when partially
partially or fully
fully anonymized
anonymized datasets
datasets are leaked),IM number of
leaked) , ’ a number de-
of de
anonymization attacks
anonymization attacks can re-identify datasets with ease.
re-identify the datasets
A particularly
particularly effective
effcctive attack relevant to our inquiry)
attack (and relevant involves the
inquiry) involves
attacker leveraging auxiliary
attacker leveraging auxiliary information
information or background knowledge to identify
background knowledge identify
157
the matching
matching dataset."'7
dataset. For example, Arvind Narayanan
example, Arvind Narayanan and Vitaly Shmatikov
Vitaly Shmatikov
took user ratings
ratings from the IMDB IMDB database
database and used them to expose expose user IDs
158
from among
among 500 500,000
,000 Netflix
Netflix users.l5S
users . Working
Working off
off tbe
the bypothesis
hypothesis that among
among
“Netflix subscribers who also use IMDB
"Net flix subscribers IMDB,, there strong correlation
there is a strong between
correlation between
their private
their Netflix ratings
prívate Netílix ratings and their
their public
public IMDB rating,” Narayanan
IMDB rating," Narayanan and
Shmatikov
Shmatikov discovered
discovered that “even "even a handful movies that are rated by a
handful of movies
subscriber
subscriber in both services
services would
would be sufficient identify his or her record
sufficient to identify record in
the Netflix
Netflix Prize
Prize datasct
dataset (if present
present among
among the released records) with enough
released records) enough
statistical confidence
statistical confidence to rule
rule out the possibility
possibility of
of a false match
match except
except for a
159
negligible probability."
negligible probability.” 177 In addition,
addition, Sarah
Sarah Jamie Lewis
Jamie Lewis has surveyed
surveyed how a
20GB dataset,
dataset , comprising
comprising more than 173 million million individual
individual NewNew YorkYork City
153. See e.g.,

153. e.g.. Lois Beckett, How Ya/100Are Selling Politicians Access
ll ow Microsoft and Yahoo
to You
You,, PROPUBLICA
PROPUBLICA (June 11,2011,
11,20 11, 11:45 AM),http://www.propublica
11:45 AM), .org/article/how-microsoft-and-
http://www.propubIica.org/articlc/how-microsoft-and-
yahoo-are-selling-politicians-access-to-yo u (describing the types ooff information sold
yahoo-are-selling-politicians-access-to-you interne!
sold by internet
companies to political campaigns).
154. See id. ("[Tlhe
( "IT]he credit reporting 'double-blind'' match
rcporting giant Experian performs a 'double-blind
Microsoft’s data and campaigns’
between Microsoft's campaigns' data. Yahoo uses another massive data company, company. Acxiom.
Both Experian and Acxiom Acxiom also offer similar matching for commercial clients who want to find find
online.") .
previous customers online.”).
155. See.
See, e.g..
e.g ., Paul Ohm , Broken Promises of
Paul Ohm. of Privacy: Responding to the Surprising
Failure ooff Anonymization.
A11onymizatio11, 57 UCLA REV. 1701
UCLA L. RKV. (20!0) ("A
1701 (2010) lthough it is true that a malicious
(“Although
adversary
advcrsary can use PII PU such as a name or social security number to link data to identity, as itir turnstums out. the
adversary can do the same thing using information that nobody would classify as personally
identifiable.”); Scott Berinato
identifiable."); Anonymous Data,
Berinato,. There's No Such Thing as A11011ymo11s HARV.Bus.
Data. HARV. REV. (Feb. 9,
BUS. REV. 9,
2015),
20 ng-as-anonymous -data ("Broad
http://hbr.org/2015/02/theres-no-such-thing-as-anonymous-data
15), http://hbr.org/2015/02/theres-no-such-thi (“Broadly, ir means that
ly, it
anonymity
anonymity doesn’t
doesn't ensure privacy,privacy , which could render toothless many of the world's laws and
privacy .").
consume r privacy.”).
regulations around consumer
156. See Bin Zhou et al., A Brief
156. A11011ymiza1io11
on Anonymization
Brief Survey 011 for Privacy
Techniques for
Preserving Publishing of of Social Network Data. Data, 1010 ACM SIGKDD EXPLORATIONS
SIGK.DD EXPLORATIONS NEWSL. 12
NEWSL. (2008),
12 (2008).
.es .sfu .ca/~jpei/pu bl ications/SocialNetworkAnonym ization_survey .pdf.
http://www.cs.sfu.ca/~jpei/publications/SocialNetworkAnonymization_survey.pdf.
http://www
157.
157. Xuan Ding et al., A Brief Attacks in Online Social
De-a11011y111izatio11
Brief Survey on De-anonymization
Networks LNT'LCONF.
Nerworks,, 2010 INT’L CONF. ON COMPUTATIONAL
ONCOMPUTATIONAL ASPECTSOF
ASPECTS SOC. NETWORKS
OFSoc. 611. 614.
NETWORKS 611,614.
158. Arvind Narayanan & Vitaly Vital y Shmatikov, De-a11011y111iza1io11
Shmatikov , Robust De-anonymization Large
of luirge
Sparse Datasets,
Dataseis, in EEE SYMPOSIUM SYMPOSIUM ON SECURITY AND
ON SECURITY PRfVACY (S&P)
ANO PRIVACY {S&P) (2008),
hnp://www .es.cornell .edu/~shmat/shmat_oak08netfl ix .pdf.
http://www.cs.cornell.edu/~shmat/shmat_oak08netflix.pdf.
159. Id.
159. 8.
/d.atat 8.
689
689
Yate Journal on Regulation
anonymous licenses,
taxi trips with anonymous licenscs , medallion
medallion numbers,
numbers , and other othcr metadata
metadata
could easily
easily be subsequently
subsequently re-identified 160
could re-identified along
along with the driver’s
driver 's identity.1
identity . 60
F'urther, existing
Further, existing relationships
relationships pose additional
additional challenges
ehallenges for effective
effective
anonymization. Fclix
anonymization. describes the possibility
Felix Wu describes possibility of privacy
privacy invasions
invasions by
161
"insiders" in the context
“insiders” context of data releases.1
releases. 61 Wu defines
defines “privacy
"privacy ‘insiders’
'i nsiders' [as]
thosc [whose] relationship
those [whose] particular individual
relationship to a particular individual allows
allows them to know
significantly more more about 162
significantly about that individual
individual than the thc general
general public does.”1
does." 62 Wu
notes that privacy
privacy insiders
insiders can be particularly
particularly difficult
difficult to counter,
counter, because
because
insiders “can
insiders "can exploit
exploit special knowledge gained
special knowledge gained through
tlu-ough their relationships
rclationships with
target individual
a target deduce more about
individual to deduce about that individual
individual from released
released data than
163
general public would.”
the general would." 163 Similarly,
Sim;tarly, Swaroop Poudel observes
Swaroop Poudel observes how, how , in the
164
context
context of anonymized device
anonymized device data,16 data, 4 knowledge
knowledge of a person'sperson’s particular
particular
attributes can lead to idcntifying 165
attributes individual without
identifying an individual without access
access to their PII.1
their Pll . 65
While privacy insiders
While privacy insiders may interact
interact with each
eaeh other in the physical
physical worldworld with
varying degrees
varying degrees of closeness
closeness and trust, theirtheir existing
existing knowledge
knowledge of a person person can
pair with acquired
pair acquired data to produce
produce greater
greater insight.
These four
These four factors
factors suggest
suggcst that the thc threat
threat of relational
relational control
control will
continue to grow. Consumers
continue Consumers produceproduce increasingly
increasingly revealing
revcaling data, data , which
brokcrs will continue
brokers continue to sell at a low price. price . Economic
Economic and legal obstacles
obstacles may
frustrate attempts
frustrate attempts to regulate
regulate data sales, and anonymization
anonymization cannotcannot adequately
adequately
proteet consumers.
protect consumers. In the absence
absence of any meaningful
meaningful check,
check, certain
certain individuals
individuals
will purchase
purchase cheap,
cbeap, powerful
powerful data to gain an informational
informational advantage
advantage over
their peers.
their
IV. Existing
Existing Proposals
Proposals Fail To Remedy
Remedy Relational
Relational Control
Control
examine the prominent

This Part examines prominent reforms
reforms that privacy
privacy scholars
schola rs have
proposcd to address
proposed address privacy
privacy harms
harms that stem from the sale of digital
digital
information.
infonnation.
160. Sarah
160. Sarah Jamie
Jamie Lewis.
Lewis, Please SlopStop Releasing "Anonymized"
"Anonymi,ed " Datasets,
Dataseis, LlNKEDlN
LINKED[N
PULSE(Jan.
PULSE 25, 2016),
(Jan. 25, 2016), http://www.linkedin.com/pulse/please-stop-releasing-anonymized-datasets-sarah-
http: //ww w.linkedin.com /pulse /please-stop-releasing-anonymized-datasets-sarah-
jamie-lewis.
jamie-lewis.
161. See Felix T. Wu,
161. Defi11i11g
Wu , Defining Pril'ac_vand Utility
Privacy Utility in
in Data Sets, 84 84 U. COLO.
COLO.L. R ev .
REV.
1117, 1154(2013). While
1117,1154(2013). While Wu underscores
unucrscores the unclear
unclear legal state of insider
insider attacks,
attacks, and their
their difficulty
difficulty to
countcr, neither
counter, neithcr Wu nor any other other scholar
cholar has discussed
discusscd the possibility
possibility or implications
implications of these
rdationships in the context
relationships context of peerpeer data
<lata purchases.
purchases.
162. Id.
162.
163.
163. Id .
Id.
164. See also
164. a/so infra
i11fra Section TII.B (discussing
Section 1U.B (uiscussing the relationship
rclationship between
betwecn de de-
a7onymization and
anonymization andaa relational
re!ational control
control threat).
threat).
165. Swaroop
165. Swaroop Poudel, /11/emet ooff Things:
Poudel, Internet 711ings:Underlying
U11der/yi11g Tech11ologies.Interoperability,
Technologies, lnteroperahility,
w1d Threats to Privacy and
and a11dSecurity, 31 31 BBERKELEY
erkeley T 997, 1014
ech . L. J. 997,
TECII. 1014(2016)
(2016) (“Comprising
("'Cornprising granular
granular
d..1ta with many variables,
data variables, sensor
,cnsor data can enableenable someone
someonc with knowledge
knowledge of certain certain attributes
attributes of a
identify them,
person to identify thcm. even
even without
without their
their personally
personally identifiable
idcntifiable information
information (PII)(PH) .....
. . . For example,
example.
Fitbit's movement
Fitbit’s movement data can reveal revea! someone’s
somconc's gait. Someone
Someone who knows a person’s per,on·s gait could,
could, thus,
Lhus,
idcntify that person
identify person and gain access
access to the rest of his or her Fitbit data.”
data. " (internal
(in terna! references
refercnces omitted)).
omitted)).
690
690
A New
New Privacy Harm
Privacy Harm
A. Br Industry Reforms
oker Jndustry
Broker
When the FTC releasedreleased its 2014 Report, Report , the agency proposed a series
agency proposed series of
legislative reforms
legislative reforms that that, , if enacted,
enacted , would offer
offer new privacy
privacy protections
protections for
consumers.
consumer s. The FTC signaled signaled its supportsupport for the Data Data Broker Accountability
Broker Accountability
and Transparency
Transparency Act (DATA), introduced by Senators
(DATA) , introduced Senators Rockefeller
Rockefeller and
Markey,
Mark ey, which would
would ((1) 1) bar data brokers collecting data that brokers
brokers from collecting broker s
knew were illegally
knew obtained;; (2) require
illegally obtained brokers to allow
require brokers consumers to review
allow consumers review
personal information gathered
personal information gathered aboutabout them at least once per year free ; and
year for free;
(3) empower
empower consumers
consumers to dispute dispute the accuracy accuracy of data collected, which
collected , which
166
brokers
brokers would
would then have to inve investigate correct.166 The FTC also expanded
stigatc and correct. expaoded
uupon
pon the existing
existing DATA
DATA proposals
propo sals by recommending legislatioo that would
recommending legislation
require
require consumers
consumers to opt in to the sharing sharing of any sensitive
sensitive data, such as certain
167
health data.1
data . 67 The FTC also recommended
recommended that the legislation require brokers
legislation require
to disclose
disclos e their data sources sources and notify consumers consumers when collccted collected data
168
adversely affected a commercial
adver sely affected commercial transaction.1
tran saction. 6 6 In addition,
addition , the FTC suggested
suggested
that a central web
website
site be created
created to list the largest fifty fifty data brokers provide
brokers and provide
. 169
169
links to their access tools and opt-out opt-out policies.
number of privacy
A number scholars have proposed
privacy scholars additional reforms
proposed additional reforms to
regulate broker activity.
regulate broker activity. These
These range from the advocating
advocating for legislation
legislation in line
170
with the EU'
EU’ss Data Privacy
Privacy dircctive
directive1 70 to cxpandin disclosure and correction
expandingg disclosure correction
171
requirements.1'
requirements. 1 Scholars
Scholars have called Congress to enact
called for Congress enact a law similar
similar to
California’s Right to Know
California 's Right Know Act, Act , which
which would
would require companies to revea!
require companies reveal,,
upon request,
request , the information
information they have collected about an individual
collected about individual and how
the information
inform ation is used and sold sold.1. 172‘
A recent empirical
empírica! study of consumer consumer reactions privacy disclosures
reactions to privacy disclosures
registers one critique
registcrs critique of these proposals
proposals,, arguing that they "rely[] “rely[] on the fiction
that if customers are told about the uses information , they will vote
use s of their information,
173
with their feet if they do not like the thc terms.”17’ However,, the novel
tenns ." However proposals
novel proposals
166. See Data Brok Broker Acco untabilit y and Tran

er Accountability sparency Act,
Transparency 2025, 113th Cong.
Act , S. 2025,
Schmit z, supra note 12.
(2014); Schmitz,
167. Id.
Id. at 52. framewo rks as a possible
52 . For more on sensitive data frameworks res ponse to the
poss ible response
threat ooff relational
relational control, injra Part V.
control , see infra
168. FTC Data Brakers, 4 , at 51
Brokers, supra note 4, -52.
51-52.
169. Schmitz,
Schmit z , supra note 12, at 1458.
1458 .
170 . See, e.g.,
170. Kuempel,
e.g ., Kuempe l, supra note 12; Mae Maeve Europe Is Saje
ve Z. Miller, Note, Why Eurape Safe
from
fro Choicepoint: Preventing Ca111m
m Chaicepoint: ercia/ized lde111i1
Commercialized Identity Theft Thrau.
y Thejt Through Protection and
Strang Data Pratectian
g h Strong
Privacy Laws, 39 G eo
EO.. W a íNT'L L. REV.
s h1.. INT'L
AS! (2007 ) . While
R EV. 395 (2007). ca lled for
thesc and other scholars have called
Whilc these
a more European
Europca n approach
approac h to digital
dig ital privacy
pr ivacy in the cocommercial rea lm. this Note takes the view that these
mmercial realm,
calls
ca lls are unlikely
unlike ly to succeed,
succee d , ggiven
iven the relative inelasticity U.S. privacy law in the face of
ine lastic ity ooff U.S.
dramatically
dramatica lly increased
increased concern
concem ove overr data privacy. See Jay P. P. Kesan al.. A Comprehensive
Kesa n et al., E111p irica/
Camprehensive Empirical
Cansumer Au1
Study oajf Data Privacy, Trust, and Consumer a11
Autonomy, y , 91
a111 IND. L.J. 267,3
9 1 IND. 267,347 (201 6).
47 (2016).
17 1. See Lipman,
171. Lipman , supra 78 6-96 .
12 , at 786-96.
jw/jra note 12,
172.
172 . See,
See, e.g., Mann , Note, Small
e.g., Jugpreet Mann, Sma/1 Steps for Ca11gress, Huge
fa r Congress. Stepsfa
1/uge Steps 011/i11
forr Online e
HASTINGSCOMM. & ENT. L.J.
Privacy, 37 HASTINGS L.J. 365
365,387 (2015 ).
, 387 (2015).
173. P.
P. Kesan Comprehensive
Kesa n et al., A Camprehe11 Emp írica! S111d
s ive Empirical y of
Study Trust, and
Privac_v, Trust,
aj Data Privacy,
Consumer
Cansumer Autonomy,
a11
A111 a111y, 9911 IND. L.J . 267,3
IND. L.J. 267,347 47(2 01 6).
(2016).
691
Yalc Joumal on Regulation
offercd by the authors—

offered authors-including creation of Profile
including the creation Profile Information
Information Reporting
Reporting
Agencies, likc credit
Agencies, which, like crcdit reporting
reporting agencies,
agencies, would store consumers’
consumers' data
profiles and allow consumers
profiles consumers to challenge
challenge and correct
cotTect inaccurate
inaccurate information—
information -
also would
would not protect
protect consumers
consumers from the threat of relational control. 174
relational control.1 74
B. Reforms forr Information

Reforms fo lnformation Services
In addition proposals to regulate

addition to the proposals regulate the data brokerbroker industry, scholars
recommended a number
have recommended number of interventions
intcrventions that would require require information
information
services and data holding
services holding companies
companies to protect
protect consumer
consurner privacy.
privacy. As FTC
Chairwoman Edith Ramirez
Chairwoman notcd, these proposals
Ramirez noted, proposals are usually familiar. 175
usually familiar.17 5 Calo
and others
others have proposed
proposcd that companies
companies offer a tracking-free
tracking-free version
version of their
176
service that consumers
service consumers can purchase.17
purchase. 6 Many, including
including members
members of Congress,
Congress,
called instead
have called instead for the creation
creation of universal
universal “opt-out”
"opt-out" provisions
provisions for
177
consumers to refuse
consumers refuse online
online tracking. Similarly, many scholars
tracking.177 Similarly, scholars have proposed
proposed
reforms to the increasingly
reforms statutory privacy protections
increasingly dated statutory protections described
described in Part
II.
II.111s
78
Scholars also typically
Scholars typically line up behind
behind (or critique)
critique) various
various “good
"good data
practices" frameworks,
practices” frameworks, such as the Fair Information
Information Practice Principles
Principies (FIPPs)
(FlPPs)
179
framework.
framework.174 The FTC articulated
articulated its Privacy
Privacy By Design
Dcsign (PBD) principles
principies in
2012, which
which call on companies
companies to delete consumer
consumer data that are no longer
needed and to allow consumers
needed consumers to access their data and, when appropriate, appropriate, to
change or delete information
change information that companies possess. 180
companies possess.18 0 These
Thesc principles
principies are
181
neither wholly
neither wholly novel1
novel 81 nor withoutwithout criticism,
criticism, including
including ideological
ideological
174. See id. at 346-49.

346-49.
175. Edith Ramircz, Chairwoman. FTC,
Ramirez, Chairwoman. Pril'acy Challenges ooff Big
FTC, The Privacy Big Data: A ViewView
Jrom
from the Lifeguard 's
Lifeguard’s Clwir
Chair 11 (Aug. 19,
19, 2013),
http://www.ftc.gov/sites/default/files/documents/public_statements/privacy-challengcs-big-data-vicw-
http://www.ftc.gov/sites/default/files/documents/public_statements/privacy-challenges-big-data-view-
lifeguard %E2%80%99s-c hair/I 308 l 9bigdataaspen.pdf ("The
lifeguard%E2%80%99s-chair/1308I9bigdataaspen.pdf ("'Thc emergence
emergcnce of big data is similarly similarly
breathtaking
breathtaking and potentially
potcntially game changing.
changing. But the thc challenges
challengcs it poses to consumer
consumer privacy
privacy are
familiar .....
familiar . . . The
The solutions
solutions are also familiar.”).
familiar.").
176. See Ryan Calo, Digiw l Market Manipulation,
Calo. Digital Ma11ip11latio11. 82 G eo . W ash
GEO. ASII.. L. R ev . 95 (2014).
REV. (2014).
177. See Do Not Track
Track Me Online
Online Act.Act, H.R. 654,
654. 112th Cong.
Cong. (2011);
(201 I) ; Do-Not-Track
Do-Not-Track
Online Act of 2011,
Online S.913. 112th Cong.
2011, S.913. Cong. (2011):
(2011 ): Do Not TrackTrack Kids Act of 2011, 2011, H.R. 1895,1895. 112th
Cong. (2011):
Cong. (2011); Jeff Sovem, Opting In,
Jeff Sovem, /11, Opting Out,
Ow, or No Options at All: Al/: The Fight fo forr Control ooff
lnformation, 74 WASH.L.REV.
Personal Information, WASII. L. REV. 1033 (1999).
( 1999).
178. Eugenc E.
Eugene E. Hutchinson,
Hutchinson , Note,
Note, Keeping Your Your Personal Information
lnformation Personal:
Trouble foJorr the Modern
Modem Consumer,
Co11.111mer, HOFSTRAL.
43 HOFSTRA L. REV.
REV. 1151
1151 (2015);
(2015); Mann,
Mann , supra note 172, at 37; See
Ohm. supra note 16, at 1191;
Ohm, a/so Orin S. Kerr,
1191: see also Cybercrime's Scope: Interpreting
Kerr, Cybercrime’s /11/erpre ting "Access" and
"Awhori:ation" Co111p111er
'‘Authorization" in Computer N.Y.U. L.
Misuse Statutes, 78 N.Y.U. L. REV.
REV. 1596
1596 (2003);
(2003): Orin S. Kerr,
Kerr. Norms ooff
Computer Trespass, 116 COLUM. COLUM.L. R ev . 1143 (2016).
REV. (2016).
179. Borge,ius et al., supra note 29. at 2101-06
Borgesius 2101-06 (describing
(dcscribing various
various Fair Information
lnform ation
Principies and how they
Principles thcy came
carne to be articulated).
articulatcd).
180. Id. at 23-24.
23-24.
181. See Thomas
Thomas M. LenardLenard & Paul H. Rubin., Big
H. Rubin Big Data, Privacy and the Familiar
Svlwions. 11
Solutions, 11 J.L. ECON.
ECON. & & PPOL'Y
o l ’Y 1,1. 1-2 (2015)
(2015) (describing
(describing the PBD framework
framework as “essentially
"cssentia lly a
restatement of the traditional
restatement traditional Fair Information
lnformation Practice
Practice Principles
Principies (FIPPs)
(FIPPs) of Notice,
otice, Choice,
Choice, Access
Acce,, and
Security ," which in turn embody
Security,” embody “all
"a li of the
thc concepts”
conccpts" in the 1980 privacyprivacy guidelines
guidclincs promulgated
promulgated by the
692
692
A New
New Privacy Harm
Privacy Harm
182
182
disagreement over
disagreement over the scope
scope of of consumer
consumer protection
protection regulations
regulations ' and the
never-ending struggle to kecp
ncver-cnding struggle keep frameworks up-to-date with the rapid
frameworks up-to-date rapid expansion
expansion
183
of
of data and how how they
thcy are used. ’
Regulatory FIPP
Rcgulatory F1PP or PBD frameworks
frameworks are similarly
similarly incapable
incapable of protecting
protecting
consumers
consumers from relational
relational control.
control. These
These frameworks,
framcworks , along
along with coherent
coherent
184
cyber
cyber security
security norms,1
nonns , X4 can provide useful best practices
providc useful practices for how companiescompanies
should de-identify
should de-identify and secure secure data,
data , as well as delete
delete data over over time. However
However,,
they do not address address the basic structural feature of the commercial
structural feature commercial data
environment that allows
environment allows many private actors to collect
prívate actors collect records
records of of user
user activity
activity
and sell them to interested
interested purchasers.
purchasers.
Furthermore,, it is unlikely
Furthermore unlikely that Congress
Congress will amend amend federal privacy
federal privacy
statutes either
statutcs prevent the trading
eitber to prevent trading of the digital information that relates
digital information relates to
185
regulated
regulated sectors1
sectors X5 or to establish
establish general
general privacy
privacy rules for consumer consumer
186
information
information (as some have recommended).Iw
recommended). > Federal Federal statutory privacy law has
statutory privacy
remained unchanged despite
remained unchanged despite the rampant
rampant purchase
purchase and sale of data, data , a near
constant stream of embarrassing
con stant stream embaiTassing data breachesbreaches and leaks,leak s, and an increasingly
increasingly
lengthy .
1engt hy list f d
l 1st oof documented d
ocumente privacy . h
pnvacy harms. arms. 187 w·
With b
1t one narrow narrow except10n . , 188
exception,
Congress
Congress has not passed passed a statute
statute expanding federal privacy
expanding federal protections in
privacy protections
189
more than a decade.
decade.1 ''9 Federal
Federal statutory
statutory reforms
reforms are also often poorly poorly designed
designed
to combat
combat futmefuture privacy
privacy threats. New Congressional
threats . New Congressional enactments
enactments would would face
familiar undertows
familiar undertows in the form of of swift
swift obsolescence
obsolescence,, dilutiondilution by industry
industry
190
190
lobbying,
lobbying , or the well-documented
well-documented tendency
tendency to target
target specific
specific technologies.
tcchnologies.
Organization of Economic Cooperation and Development (OECD)); see a/so

Organization also Borgesius et al., supra
note 29.a
29. att 22101-06
101-06 (describing the scope of the OECD guidelines).
182.
182. See, e.g.,e.g .. Paul H. Rubin, Regulation of
Rubin , Regula/ion o f Information Ad vertising, 4
!1ifo n11atio11 and Advertising,
COMPETITION
COMPETITION POL’Y POL'Y T NTºL 169, 169-92 (2008) (arguing that the FTC has at times overprotected
INT’L
consumers with excess
excessive innovation) .
ive regulation that curbs innovation).
183. See, e.g., Lenard
Lenard & & Rubin,
Rubin , supra note 181, 18 1, at 26 (arguing that the
commissioner's recommendation
recommend ation are “ill suited to the world of big el
" ill suitecl ata"); Omer Tene, Privacy Law’s
data”); Law 's
Midlife
Mid!ife Crisis: A Critical
Critica/ Assessment
Assess me111oo/f the Second
Seco nd Wave oo/f Global
Global Privacy Laws, 74 OHIO 01-110ST. L.J.
1217(2013).
12 17 (2013).
184. Cybersecurity Framework,
Fram ework , N at 'L INST.
NAT'L lNST. STANDARDS
STANDARDS & TEC TECH. (Feb. 12, 2014),
H. (Feb.
http://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-
http ://www.nist .govIsites/de fa u It/fi les/documents/cy be,fra mework/cybersecurity-frame work-
021214.pdf.
02 12l 4 .pdf .
185.
185. If lf Congress did reform existing statutes, digital activity, such as
statutes. other records of digital
what consumers read and watch, watch, would not be affected.
186. Kuempel. supra note 12
See, e.g., Kuempel, 170. at 395.
Miller. supra note 170,
12.. at 207; Miller, 395.
187.
187 . See generally Introduction, supra
general/y Tntroduction, supra..
188. See Genetic Tnformation
Information Nondiscrimination
Nondiscrimination Act of 2008, H.R. 493, 110th Cong .
110th Cong.
§ 22(2008).
(2008) .
189. Ohm., supra note 16, at 1125 (citing the Genetic Tnformation
See Ohm Information
Nondiscrimination Act as the only “meaningful
"mcaningful expansion of privacy law law Congress has enacted in the
last
1ast decade”).
dccacle ").
190.
190 . See Michael
Michacl Birnhack,
Birnhack , Reverse Engineering Informational
Infor111ati Privacy
o11al Priva cy Law, 15
Y ale J.L. & T
YALE TECH. (clocumenting examples of statutes that prove ineffective or stifling
ECl-1.24 (2012) (documenting
because they target particular technologies for reform). refonn ) .
693
Yale Journal
C. Privacy-Enhancing
C. Privacy-Enhancing Consumer Technologies
Technologists have
Technologists have developed
developed a number number of tools
tools to shield
shield consumers
consumers from
digital tracking,
digital tracking, such as adblockers
adblockers or cookie cookie deleting
deleting services.
services. However,
Howcvcr, these
services are unlikely
services unlikely to inoculate
inoculate a user from the threat
user from threat of
of relational
relational control.
control.
There
There are significant economic incentives
significant economic incentives for online actors
online actors to track
track consumer
consumer
. . 191w 111c . h e I th e mternet
act1v1ty,
activity,1 91 which fu .
fuel the internet’s , s free
e . .
1ree pricing
pncmg structure. 192
structure.1 TI1ese incentives
92 These . .
mcentJves
lcad to new
new tracking
tracking technologies
technologies (such 193
lead (such as web web beacons),1
beacons), 91 which
which when
when first
implemented track
implemented track consumers
consumers without
without their
their knowledge,
knowledge, and new services serviccs (such
(such
as Pokémon
Pokemon Go), which which oftenoften begin
begin with few privacy privacy protections
protections for
consumers. 194
consumers.1 Thi lag time is an inevitable
94 This inevitable consequence
conscquence of a free market market
cconomy,
economy, and ensureensure that technical
technical opt-outs
opt-outs will struggle
struggle to provide
provide sustained
sustained
protcction against
protection against relational
relational control.
control.
Additionally, array of tools— 195
Additionally, a wide array tools-fromfrom the Tor Tor browser,19"
browser, to virtual
virtual
priva te networks 196 197
(VPN), end-to-cnd
private networks (VPN),IW’ end-to-end encrypted encrypted messages,1
mcssages, 97 and encrypted
encrypted
191. Atan Henry,

See Alan Everyo11e·s Trying
Henry , Everyone's Tryi11gTo Track
Track WhatWhw YouYo11Do on 011the Web:
Web: Here's
//ere ·s
!Jow To Stop Them,
How The111, LIFEIIACKER(Feb. 22, 2012, 8:00 AM), http://lifehacker.com/5887140/everyones-
LlFEHACKER http: //lifehacker.com /5887140 /evc ryones-
-rying-to-track -what-you-do-on-the -web-heres -how -to-stop-them; Meghan Neal,
trying-to-track-what-you-do-on-the-web-heres-how-to-stop-them; Nea!. Now You You Can See
Which Websites
Which Websites Are Tracking
Tracki11g You Yo11 in Real-Time,
Real-Time, MOTHERBOARD
MOTIIERBOARD(Oct. 25, 2013. 2013. 9:35 AM), AM).
http://mo therboard.vice.com/blog /now-you-can-see-what-wcbsites-are-tracking-you-in-real-time
http://motherboard.vice.com/blog/now-you-can-see-what-websites-are-tracking-you-in-real-time. .
192. See, e.g., Lipman,
Lipman. supra note 12, 12, at 778 (“If("lf you search
search for something
something on the
Ccnter for Disease Control’s
Center Control's website,
wcbsite, say, ‘herpes
'herpes symptoms,’
symptoms,' then Lhen the CDC will tell GoogleGooglc about your
search. The CDC is not trying to profit from you,
search. you. but they use Google Googlc Analytics
Analytics to measure
measure their
websitc traffic.
website traffic. The CDC uses use, Google
Google Analytics
Analytics because
bccausc it is an effective
effcctivc free tool.
too!. It
Ir is a ‘free’
'free' tool
too!
because it is
because is quietly
quietly paid for with your data.” data. " (internal
(interna! citations
citations omitted));
omitted)); Emily
Emily Steel.
Steel. Companies
Co111panies
Scramblefor
Scramble Co11s11mer
fo r Consumer Data, FFIN.
Data, tn. TTIMES (Junc 12,
imes (June 12,2013.
2013, 8:11
8: 11 PM); How 1/ow Many
Ma11yooff Your
Your Users Set “Do "Do
Not Track”?,
Not Track"?. QUANTABLE
QUANTABLE(Feb. 2, 2,2015), http://w ww.quantable.com /a nalytics /how-many-do-not-track /
2015), http://www.quantable.com/analytics/how-many-do-not-track/
(measuring the
(measuring che percent
perccnt of users who opt out of tracking tracking as between
betwecn 8% and 15%). But 8111see Joseph
Turow, Tradeojj Fallacy:
Turow. The Tradeoff Fallacy: How Marketers Are MisrepresentingMisreprese11tingAmerican Consumers Co11s11mers and Opening
Ope11ing
The111
Them Up
Up to
to Exploitatio11,
Exploitation, U.
U. PENN
PENN (June, 2015),
I-ttp://www .ase .upenn .edu/sites/default/fi les/TradcoffFal lacy _ 1.pdf.
http://www.asc.upenn.edu/sites/default/files/TradeoffFallacy_l.pdf.
193.
193. Joanna Geary,
Joanna Tracki118the Trackers: What
Geary, Tracking Whal Are Cookies? An Introduction
lntrod11ctio11to ro
Web Tracking,
Web Trackinl/. GUARDIAN
GUARDIA (Apr. 23, 23,2012)
2012) (describing
(describing flash cookies
cookies and web beacons).
beacons) .
194. e.E/.,Brian Barret,
See, e.g., Update Your
Barrct , Update Yo11rPokemon
Pokémon Go App Now To Fix That Privacy P,fracy
Mess, WIRED
Mess, WIRED (July 12, 12. 2016),
2016), http://www.wired.com/2016/07/update-pokemon-go-app-now-fix-
http: //www.wired.com/2016 /07 /update-pokemon -go-app-now-fix-
privacy-mess (“That
privacy-mess ("That means
mcans it could havehavc potentially
potentially been able to ‘see 'sec and modify nearly all ali information
information
i11your
in your Google
Google Account.’
Account,' according
according to Google,
Google, short of changing
changing your password
password or tapping
tapping into Google
Google
Wallet. This is very bad!
Wallet. bad 1 And now you can fix fix it.”).
it.").
195. See, e.g., Kavita Iyer,
195. lyer, Best Free Tools fo forr Anonymous
A11011ymousBrowsing
Browsi11g 2016, 2016.
TECI
T ech1WORM
W orm (May 21, 21 , 2016),
2016), http://www.techworm.net/2016/05/top-free-tools-20l6-anonymous-
http ://www. techworm .net/2016 /05/top-free-tools-2016 -anonymous -
b~owsing.html.
browsing.html.
196. See, e.g..
e.g .. Adi Robertson,
Robertson , A VPN VPN Can
Can Stop Internet
lntemet Companies
Companiesjrom from Selling Your Your
Cata-Sur
D ata-B ut lt's
It’s Not a Magic 8111/et
Bullet,, THEVERGE
TIIEVERGE (Mar. 30, 2017),
http://www. theverge.com /20 17/3/25/ 15056290/vpn-isp-intcrnet-pri vacy-security-fcc-rcpeaJ (“The
http://www.theverge.eom/2017/3/25/15056290/vpn-isp-intemet-privacy-security-fcc-repeal ('The right
protect against lots
VPN can protect loes of things,
things , including
including government
governmcnt surveillance
survcillancc and malware.
malware. But the thc tool
too!
isn't a magic privacy
isn’t privacy bullet—in
bullet-in fact,
fact. experts
expens can’t
can't even agree on a great grcat VPN service,
servicc, beyond
beyond one you
makc yourself.
make yourself. While a huge number
number of companies
companics provideprovidc VPNs,
VPNs, many have potential
polcntial security
security flaws or
could put your data at risk. It’s lt's also difficult
difficult to tell how secure sccure a VPN actually
actually is,
is. and what it’s it"s doing
with your data. So what are you supposedsupposed to do if if you want to use one? onc? The short answer
answcr is to avoid free
service,. and if you consider
services, consider yourself
yourself tech-savvy,
tech -sa ,vy , look into setting
setting up your
your own.
own. Otherwise,
Otherwise, make sure a
p,.id VPN has a privacy policy you're
paid you're okay with, and can handle the thc threats you’re
you're relying on it to
protect you
protect yo u from.”)
from. ")
694
Privacy Harm
New Privacy
A New
198
desktops19*
desktops 1-—allowallow consumers
consumers to avoid tracking companies and sorne
tracking by most companies some
security agencies.
security agencies. Most websites considerably slower
websites run considerably slower on thetbe Tor browser,,
browser
and sorne
some features,
features , including
including most video streaming
strearning options, cannot work
options , cannot
199
without risking
without risking consumer
consumer privacy certain , high information
privacy .. 199 While certain, information
consumers
consumers could limit their tbeir vulnerability
vulnerability from relational control,, most
relational control
200
consumers necessary to shroud
consumers will not take the steps necessary shroud their activity.""" (And , if
activity . (And,
2011
they did
did,, their action
actionss could significan
significantly economy.).)2°
information economy
tiy disrupt the information
V. “Information Fiduciaries”" and “Sensitive

"Information Fiduciaries "Sensitive Data”: Promises and Lirnits
Data": Promises Limits
While most proposed

While propo sed reforms protection against
reforms would offer minimal protection
relational
relational privacy
privacy harms,
harms , two scholars
scholars—Paul Balkin - recently
- Paul Ohm and Jack Balkin—recently
proposed
proposed new frameworks
frameworks that
tbat could better consumers. This Part lays
better protect consumers.
out both proposals
proposals and describes
describes how each could be amended extended to
amended or extended
enhance
enhance consumer
consumer protection relational control.
against the threat of relational
protection against
Approach es to Consumer Prot

A. Two Approaches
A. ection
Protection
Ohm and Balkin Balkin tackle data abuses from two distinct fronts,, each of
distinct fronts
which is relevant
relevant to the problem
problem of relational
rclational control. Ohm
Ohm’s 's proposal
proposal is data-
centric, highlighting particular types of infonnation
highligbting particular - such
information—such as social secmity
security
numbers or medical
numbers information—that
medica! information consumers and
- that can harm consumers and,, thus, are
recognized
recognized as "sensitive." safeguards exist for certain types of
“sensitive.” Legal safeguards
“sensitive”
"sensitive " information,
information, which
which limit how commercial entitics may use these
commercial entities
202
data
data .
." " 2 Ohm advocates
advocates expanding
expanding U.S. law’s
law' s conception
conception of sensitive
sensitive data to
include three new types of information:
information: precise geolocation
geolocation data remotc
data,, remote
203
biometric
biometric datadata,, and commuoications
communications metadata."
metadata.
197. See, e.g., Craig

e.g., Cr aig Timberg, Newestt Andr
Timb erg, Newes Androids
oids Will
Wi/1 Join iPhones in Offering Default
O.ffe ring Default
Encryption,
Encrypli on, Blocking
Blocki ng Police,
Po/ice, WASH.
WASI-I.P ost (Se
POST (Sept.
pt. 18, 2014
2014), htcp://www .washin gtonpost.co m/news/t he-
), http://www.washingtonpost.com/news/the-
switch/wp/2014/09/18/newest-androids-will-join-iphones-in-offering-default-encryption-blocking-
sw itch/w p/20 14/09/ J 8/newes t-a ndroid s-wi 11-joi n-iphon es-in -offering-defau It-encr yption-blocki ng-
police.
pol ice.
198.
198 . See, e g.g.,
., Privacy for
fa r Anyone
Anyo ne Anywhere,
Anyw here, T ails AILS (last visited Feb. 2017 ),
Feb . 18, 2017),
http://tails.boum.org/
http: //tail s .boum. org/ (providing
(providin g a free encrypted
encr ypted operating
operatin g system
syste m that users loa d onto comput
user s can load computersers
and storage dev devices).
ices).
199. See NoScript
NoScripl (last visited Apr. Apr. 1,1,2017),
2017), http://noscript.net/ (providin g a Firefox
http ://nosc ript.n et/ (providing
extension
ex tension that bloc blocks scriptss from loading on untrusted
ks script untru sted websites).
200. See KeKesan,
san. supra note 170. 170.
201.
201 . See, e.g.,
e.g., John E. Dunn,
Dunn, Best
Bes/ 7 Online
Onlin e Privacy
Pri vacy Tools 201620/6 - VPNs, Anonymous
A11011 y mo11s
Search,
Search , and Browser
Browse r Secrecy,
Secrecy, Tech World,
ECIIWORLD (last visited Apr .
Apr. I,
1, 2017 ),
2017),
http://www
h11p://w ww .techworld.com/security/best-7-online-privacy-tools-2016-vpns-anonymous-search-browser-
.tec hworld. co m/sec urity /best-7-onl ine- pri vacy -too ls-20 i 6-v pns-a nonymous-sea rch-bro wse r-
secrecy-3633529/
sec recy-3633 529/ (" (“If
lf it was only adverti
advertisers,
scrs, privacy
pri vacy would be challenging
challcn ging enough almo st every
enou gh but almost
popular
popul ar free service, including
includin g seasearch engines,
rch eng social
ines, soc ial media, webm a il, now ga
storage and webmail,
medi a, cloud storagc thers
gathers
intrusive
intru s ive amounts of of personal
personal data as a fundamental model. ").
fund amental part of its business model.”).
202.
202. Regulatory
Reg ulator y interventions
inte rvention s that protect inform ation include
prote ct sensitive information HHS 's
inc lude the HHS's
HIPAA
HTPAA anonymization rules and ancl the FTC’s
F'TC' s COPPA
COPPA rule,
rule , which enumerates
enum erate s in its definition sen sitivc
definition of sensitive
information
informati on a user’s
user's first
fir st and last name,
name , address
addr ess (including
(includin g street namc and name of city
strcct name c ity or town and
telephone number).
numb er). SeeSee 45 C.F.R.
C. F.R. pt. 164.514(b)-(c)
164.514 (b)-(c) (2002); C. F.R. pt. 3312
(2002 ); 16 C.F.R. 12(2 014 ) .
(2014).
203. See Ohm, 1143 -44 .
Ohm , supra note 16, at 1143-44.
695
Y ale Journal
Balkin's proposal, on the other

Balkin’s proposal, other hand, is entity-centric,
entity-centric, and offers
offers a new set
certain data controllers
of limits on what certain controllers may do with the consumer consumer data
entrusted to them. Entities
entrusted likc commercial
Entities like commercial ISP ISPs and popular
popular applications
applications
control vast quantities
control quantities of information
information that they have, at times, times, used to harm or
manipulate consumers. 2044 Balkin
manipulate consumers.2'1 argues that these commercial
Balkin argues commercial entities
entities should
should
understood as “information
be understood "information fiduciaries”
fiduciaries" that owe duties
duties to their
their consumers.
consumers.
The duties
duties that Balkin
Balkin sketches
sketches would
would prevent
prevent these entities
entities from using
using data in
ways that directly harmed
ways harmed the consumers
consumers that entrusted
entrusted their data to them.
presently constituted,
As presently constituted, neither
neither approach
approach offers
offers meaningful
meaningful protection
protection
against relational
against rclational control.
control. Ohm's
Ohm 's conception
conception of sensitive
sensitivc data is too narrow
narrow and
overlooks myriad
overlooks myriad information
information that couldcould be used to manipulate
manipulate consumers.
consumers.
Balkin 's conception
Balkin’s conception of harmful
harmful activity
activity misses
misses the possibility
possibility that the sale of
information
information can pose an indirect threat threat of
of consumer
consumer harm. Nevertheless,
Nevcrthelcss, each
proposal provides
proposal provides a coherent
coherent framework
framcwork that could better better protect
protect consumers
consumers
from relational
relational control.
control.
B. Sensitive Data and Relational

B. Relational Control: Novel Protections and Conceptual
Novel Protections Conceptual
Gaps
2
Ohm describes
describes sensitive
scns1tive information "showstopper" º5 that can
information as a “showstopper”205
summon robust
summon robust protections
protections out of otherwise
otherwise lax privacy
privacy regulations,
regulations, if data arcare
206
sufficicntly sensitive.
sufficiently sensitive. "6 For example,
cxample, concern
conccrn for sensitive
scnsitivc data is observable
ob ervable
FTC's recommendation
in the FTC’s rccommendation that data brokersbrokcrs establish
establish opt-out provisions
provisions for
207
protections for particular,
most data, but opt-in protections particular, sensitive
sensitive data.207
data. A sensitive
sensitivc
approach to consumer
data approach consumer privacy
privacy is particularly
particularly appealing
appealing in light of thethc few
limits privacy law places
limits that U.S. privacy places on the sale of digital
digital information. A key
information.
featurc
feature of the "sensitive
“sensitive information”
information" movement
movement is that it frequently
frequently spurs
purs
208
Hatutory and regulatory
statutory regulatory action,2™
action, while
while also being being fueled
fueled by private
prívate
209
industry.
industry.2"4 Trade groups, like the Network
Trade groups, Network Advertising
Advertising Initiative
Initiative and the
Digital Advertising
Digital Advertising Alliance,
Alliancc, and majormajor companies
companies offer
offer their
thcir own (often
civcrgent)2' "0 guidelines
divergent)"1 guidelincs on what information
information is sensitive
sensitive and, unlike
unlike normal
211
éata, cannot
data, cannot be sold for profit.2"
profit. Noting these features,
Noting fcaturcs, Ohm observes
observes that, for
204. e.g.,supra
See, e.g., notes 19-20 and accompanying
supra notes accompanying text.
205. Ohm, supra note 16, at 1129.
Ohm,
206. Id.
207.
201. Brokers,supra note 4, at
FTC Data Brokers,supra al 54.
208. See supra note 202 and accompanying
accompanying text.
209. Ohm, supra note 16,
Ohm, ("f Privare industry
16. at 1138 (“[Private industry actorsl
actorsl are probably
probably motivated
motivatcd to
combination of moral compunction,
draw these lines by a combination compunction, ethical
ethical norms,
norms. market
market demand,
demand. and fear of
consumer backlash
consumer backlash or government
govemment regulation.”).
regulation.").
210.
210. See, e.g., id. at 1138-40; Jim Brock,
See, Brock, VetYet Another
A11other(Better)
(Beller) Definition ooff Sensitive
Defi11itio11 Se11si1ive
Boundaries jorr
fo Ad Targeti11g.
Targeting, PRIVACYCHOICE
PRIVACYCIIOICE (Dec. 14, 2011),
2011).
http: // blog.privacychoice.org /201 l / 12/ 14/yet-anothcr-better-definition-of-sensitive-boundaries-for-ad-
http://blog.privacychoice.org/2011/12/14/yet-another-better-definition-of-sensitive-boundaries-for-ad-
ta:-Jeting (arguing
targeting (arguing that the various
various different
different industry
industry standards
,tandards for sensitive
sensitive boundaries
boundaries should
should coalesce
coalc ce
along the lines of Google’s
Google ·s definition).
dcfinition).
21 l.
211. s11pranote 16, at 1138-40.
Ohm, supra
See Ohm, 1138-40.
696
A New
New Privacy Harm
Privacy Harm
212
212
privacy advocates,, sensitive
privacy advocates sensitivc data “may
"may be the only
only game town" " that can
game in town”"
secure protections
secure where so many
protcctions where other proposals
rnany otber proposals have failed.
havc failed.
1. Possible Protections
1. Possible Protections Against Relational Control
Against Relational Control
A number
number of Ohm’s proposals,
of Ohm's proposals , if implemented,
implemented , could could yield
yield value
value in the thc
looming
looming fight fight against relational control.
again st relational control. First,
First, Ohm’s
Ohm ' s threethree new types types of of
“sensitive”
"sensitive " datadata—precise
- precise geolocation
geolocation data, remoteremote biometric
biometric data data (including
(including
213 are
iris scan
sean and facial facial recognition),
recognítíon) , and communications
communications metadata"1 metadata -—are
particularly
particularly dangerous
dangerous in the context context of relational
relatíonal control. Communications
control. Communications
metadata can offer
metadata powerful maps
offer powerful maps ofof an individual’s social networks and reveal
individual ' s social networks revea!
214 metadata
changes in interactions.
changes interactions.214 For For example,
example, Facebook
Facebook communications
communications metadata
can predict
predict with
with surprising
surprisiog confidence
confidence when
when individuals
individuals will begin romantic
begin a romantic
. t,· 21s
re 1at10ns 1p. '
relationship."1
Second,
Second , OhmOhm argues
argues that U.S.U .S. law should
should evolve
evolve to categorize certain
categorize certain
216
types of datadata as sensitive
sensitive data data “no
"no matter who holds
matter wbo it." A
holds it.”216 core challenge for
cballenge
sensitive data
sensitive data as a partial remedy to relational
partía! remedy control is that
relational control thc vast
that the majority
vast majority
of
of relevant
relcvant U.S. law requires requires only
only “particular actors in particular
"particular actors scctors " to
particular sectors”
217
have any any safeguarding
safeguarding responsibilities
responsíbilitícs for the information. 7 As discussed
tbe information."1 discussed in
218 219
Part II, the constant
constant trading
trading of of data"1
data ' weakens
weakens most most U.S.U.S. sensitive
sensitive datadata laws.
laws."15
Ohm calls for a signíficant
significant expansíon
expansion of U.S. law,
ofU.S. arguing that for certaín
law , arguíng certain types
of sensitive information,
of sensítive informatíon, “we should extend
"we should privacy protection regardless of
cxtend privacy protcction regardless of the
ºfi 1 . l . " 22º
specific
speci 1c relationship.”"20
re at1011s11p.
Third,, Ohm argues
Third argues that U.S. U.S. laws should
should recognize
recognize sensitive
sensitive data even
when
when in unstructured
unstructured forms.
forms. Unlike
Unlike structured
structured data that contain
contain only one typetypc
of information,
of information, like an email address, unstructured
ao email address , unstructured data
data exist
exist “at
"at the whim
whim of
221
the person
person doing
doing data cntry entry—-' ‘comments’
comments ' or '‘notes.’”""1
notes. "' example,, Google
For example
For Google
maintains
maintains a collection
collection of of every
every search
search query
query anyone
anyone has entered,entered , which
which is
perhaps
perhaps the world’sworld's largestlargest database
database of incidentally
incidentally collected sensitive
collected sensitive
information.222 222While technical capacity
information . While technical capacity has traditionally
traditionally limited
limited one’s
one's capacity
capacity
212. Id.
ld . at
atl11136.
36.
213.
2 13. Id. at 1143-44.
1143-44.
2214.
14. Leskovec,
Les kovec, supra note 116.1 16.
2215.
1S. Robinsonn Meyer,
See Robinso Meyer , When You Fall Fa// in Lo
Love,
ve, This Is What Facebook Sees, Sees,
Atlantic
AT LAN TI C (Feb. 15,15. 2014
2014). ), http://www.theatlantic.com/technology/archive/2014/02/when-you-fall-in-
http ://www.th eatl antic .com/technolo gy/ archive/2014 /02/when -you -fa ll-in-
love-this-is-what-facebook-sees/283865.
love-th is-is-what-fa cebook- sees/2838 65.
2216.
16. Ohm,,ssupra
Ohm note 16,
upranotel at 1190.
6, atll 90.
217. Id.
218.
2 18. See Christl Spiekermann., supra note 118, at
Chri stl & Spiekermann ar 45-50 studie s of
45-50 (surveying major studies
dataa transmissions that found that •·37
dat “37 of the 50 most popular
popul ar websites transferred information about
every
eve ry click to ovc
overr 30 third parti es, 22 of them even to more than 60 third parties. The website
parties,
dictionary.com
dictionary .co m transmitted data on every page request to 234 externa! services” (interna!
external services" refe rences
(internal references
omitted)).
omitt ed)) .
219.
2 19. See supra Section
Scction Il.A.
11.A.
220. Id. at
ar 1192.
1192 .
221.
221 . Id. at
at 1192-93.
1192-93.
222. Id. at
at 1193.
1 193 .
697
697
retricve valuable
to retrieve valuable or tailored
tailored information
information fromfrorn massive,
massivc, unstructured
unstructured datasets
datascts
Google's, the
like Google’s, tbc rapidly
rapidly expanding
cxpanding state of computational
computational power, alongalong with
scraping, natural
an array of web scraping, natural language
languagc processing,
processing, and machine
macbine learning
learning
too 1
s, 223
ena bl
tools,"" enablee companies .
compamcs to capture capture and d
an separate .
separatc sensitive. d ata from
sens1ttvc data .., vast,
1rom
unstructured collections.
unstructured collcctions. Google
Google researchers,
researcbers, for example,
examplc, have used machine-
machine-
learning techniques to automatically
learning techniques automatically distinguish
distinguish fluílu symptoms
symptoms from other
searcb queries
search querics analyzed
analyzed from the “billions
"billions of individual
individual searches
scarches from 5 years
224
Google web search
of Google scarch logs.”""4
logs." The power
power of these
tbese new tools
tool underscores
underscores the tbe
necd
need to consider possiblc affirmative
consider possible affirmative protection
protection requirements
rcquirements on unstructured
unstructured
data.
Significant Gaps
2. Significant Gaps with Respect
Respect to Relational
Relational Control
Control
If implemented,
implemented, these thesc three
threc proposals
proposals might reduce
reduce certain
certain manifestations
manifestations
relational control.
of relational control. Nevertheless,
Nevertheless, Ohm’s
Ohm's proposal
proposal is not designed
designcd with
rclational control
relational control in mind. As presentlyprcsently constituted,
constituted, it can provide
providc only
marginal protection
marginal protection against
against the
thc threat
thrcat of relational
relational control.
control.
Ohm's proposals
Ohm’s proposals do not address
addrcss many
many information
information types that can be used
relational control.
to exert relational control. Data
Data that provide
provide deep insights
insights into both behavior
behavior
:J.nd interactions—
and interactions-forfor example,
cxample, browser
browser history,
history, calendar data, purchase
calendar data , purchase
reeords,
records, and social
social network
network metadata—are
metadata-are particularly
dangerous in the handsbands
of peers.
pcer s. To protect
protect against
against or manage
manage the risk of relational
rclational control,
control, Ohm’s
Ohm 's
proposal would
proposal would need to be significantly
significantly expanded
expanded to include
include as sensitive
sensitive a
larger body of data. Recognizing
much larger Recognizing these data types as sensitive sensitivc could
triggcr new regulatory
trigger regulatory requirements,
requirements, limiting
limiting the
thc circumstances
circumstanccs in which whicb this
information could
information could be transferred
transferred through,
tbrough, among
among others,
others, thetbe FIPPs of “purpose
"purpose
specification" and “use
specification” "use limitation,”
limitation," which
which can reducereduce the likelihood
likelihood that
sensitive data will wind
sensitive wind up in thethc hands ofof data brokers
brokers who are in turn free to
sel! data to individual 225
sell individual consumers
consumers that cannot
cannot show a validval id purpose.225
purposc.
C. Information
C. Jnformation Fiduciaries
Fiduciaries and Relational Conh·ol: A Theoretical
Relational Control: Theoretical Path To
Improve Sale and Storage
Improve Storage Practices
Practices
Balkin also looks to jumpstart

Like Ohm, Balkin jumpstart privacy
privacy scholarship
scholarship by arguing
arguing
tbat a fiduciary
that rclationship 226 exists
fiduciary relationship226 exi ts between
between consumers
consumers and data holders.
holdcrs.
223.
223. 1194;
See id. at 11 Liune Colonna,
94; Liane Tawnomy and Classification
Colonna, A Taxonomy Classijicarionooff Data
Data Mining,
Mining,
15 SMU & TECH.
SMU SCI. & TECII. L. R ev .309,
REV. 309, 332-34
332-34 ( 2013).
(2013).
224. Ohm, supra note
Ohm, supra note 16,
16. at 1195
1195 (quoting
(quoting Jeremy
Jcremy Ginsberg
Ginsbcrg et aal..
t. Detecting Influenza
De1ecri11g/11jl11
enza
Evide111ics
Epidemics Using Search
Using Search Engine
Engi11eQuery Da1a.457 NATURE
Que,y Data, NATURE 1012.
1012, 1013 (2009)).
225. Id. at 1138.
1138.
226. Other scholars have have also proposed some
sorne fiduciary
fiduciary obligations
obligations for information
information
services. See N
strvicc,. See NEIL RICIIARDS. INTELLECTUAL
eil RICHARDS, INTELLECTUALPRIVACY:
PRIVACY: RETHINKING
RETHINKINGCrVIL
CIVIL LIBERTIES
LiBERTIESIN IN THE
THE DIGITAL
DIGITAL
AGE 282 (2015); Jerry
AGE Selj-Surveillance Privacy,
Jcrry Kang et aalt,.• Self-Surveillance Privacy, 97 IOWA
IOWi\ L. REV.
REV. 809,
809,8812,
12, 831-32 (2012);
831-32(20 12);
Markets and
Kenneth C. Laudon, Markets a11dPrivacy,
Privacy, COMMS.
COMMS. ACM 92, 101 101 (Sept. 1996). See generally
general/y Richard
R.W.
R Knowledge in
Brook~. Knowledge
.W . Brooks, in Fiduciary
Fiduciary Relations,
Re/a1io11s, PIIILOSOPinCi\L FOUNDATIONS
in PHILOSOPHICAL FOUNDATIONSOF OFFIDUCIARY
FIDUCIARY LLAWaw
(Andrcw S. Gold & Paul B. Miller
(Andrew Miller eds.,
cds., 2014).
698
698
A New Privacy
Privacy Harm
Balkin argues
Balkin argues this relationship,
relationship, like other fiduciary
1ike other relation ships , can be
fiduciary relationships,
regulated
regu 1ate d
?b7
221 . h
without . ¡
violating
w1t out vio atmg freedom . freedom of contract
contract
2228
28
or the First First
229
Amendment.229
Amendment.
230
Balkin analogizes
Balkin analogizes information
information servicesservices and service providers
service providers-' doctors
to doctors
and lawyer
lawyers, s, who
wbo owe a common-lawcommon-law duty of loyalty and confidentiality confidentiality to
231
their clients
clients and patients Balkin proposes
patient s..2’1 Balkin proposes that certain duties of loyalty and
ccrtain duties
attach to a wide array
care attach array of of entities
entities,, "“including]
includ[ing] bookstores,
bookstores, search engines ,
search engines,
ISPs,, email providcrs
ISPs providers,, cloud cloud storagestorage services
services,, providers
providers of physicalphysical and
streamed video
strearned video,, and websites websites and social social networks
networks when they deal in our
232
intellectual data”
intellectual data " (information fiduciaries)."'"
(information fiduciaries). Under Balkin
Undcr Balkin’s framework , each
' s framework,
of these
tbesc entities
entities wouldwould owe consumers consumers some degree degree of fiduciary obligation s
233
233
when controlling
when controlling their data.
data .
with Obm
As witb Ohm’s sensitive data proposal,
' s sensitive proposal, Balkin's information fiduciaries
Balkin’s infonnation fiduciaries
framework is ill-suited
framework ill-suited as proposed proposed to protect protect consumers
consumer s frorn relational
from relational
control. Balkin’s
control. Balkin ' s framework
framework is designed designed to protect
protect consumers
consumers from direct ill ill
234
treatment
treatment by the companies
tbe companies that initially
initially collect
collect their data
data ,
, " '4 rather
rather than from
the indirect
indirect relational
relational abuses transaction s enable. Balkin
abuses that data transactions Balkin doesdoe s not
explore wbetber
explore whether and how to extcnd extend fiduciary
obligations to data sale.
Concerned that such obligations
Concerned obligations would undermine the financia!
would underminc financial viability
viability of
235
information
information services
services ,2 Balkin also disputes
, 0 Balkin disputes,, at least to some
sorne extent,
extent , the idea
227.
227. Balkin,, supra note 19,
See Balkin 19 , at 1205 (“The
("Th e idea fiduciar y duties gives us
ide a of fiduciary usaa way
out of the neo-neo-Lochnerian
Loc hnerian modcl model that bind bindss First Amendment
Firsr Amendm ent freedoms
frecdoms to contractual freedom. Tt
contra ctual freedom. It also
offers
offe rs us a way of ex explaining
plaining why cen certain
ain kinds of information
inform ation are matters of private co nce rn that
prívate concern
governments
go vernments ca cann protec
protectt through
throu gh reasonable
reasonabl e regulation.
reg ulation. My centralce ntral point is that certain kind s of
ce rtain kinds
information co constitute
nstitut e matters of private prí vate co concern
nce rn not becabecause
use of their
the ir content,
co111em , but soc ial
beca use of the social
bue because
relationships that produ produce them .") .
ce them.”).
228..
228 A maj major dilemma raised in pri
or dilemma privacy
vacy scholarship
scho larship is how to treat co mpan y' s
trea t a company’s
privacy
privac y policy, and to what ex extent privacy
tent the priva should be understood as a contract
cy policy should bind s both
contra er that binds
consumers
co nsumers to (often-unco
(often-unconsidered)nsidered) ag agreements
reements and co companies
mpani es to prior promises of privacy.privacy . See, e.g ., M.
See. e.g., M.
Ryann Ca
Rya Calo, Against
lo , Aga inst Notice Skepticism
Skepti cism in Pri Privacy Elsew here), 87 NOTRE
vacy (and Elsewhere), NOTRE DAMEDAME L. L. REV.
REY. 1027
(2012)
(20 ; Daniel
12) ; Dan iel J.J.Solove
Solove, PrivacySe/f-Ma11
, Privacy Self-Management
age men1 a11 and
d the Dilemma,126
ConsentDilemma,
theConse111 H a r vL.
126HARV. . L. R e v1880
REY. . 1880
(2013)
(201 ; Sovem,
3); Sove supranote
rn , supra note177.177.
229.
229. See,, e.g.
See e.g.., Volokh,
Volokh , suprasupra note 114, at 1051 105 1 (arguing that many privacy laws
regulating
reg ulating the sale and disclosure disc losure of of personal information are unconstitutional
personal information under existing Fir
uncon stituti onal under st
First
Amendment
Am endment law) law)..
230. Compare Prot Protecting
ccting and Promoting
Prom oting the Open Int Internet,
ernet , 80 Fed. 19,738 ,
Fed . Reg. 19,738,
19,741
19 ,74 1 (Apr.
(Apr . 13 13,. 20
2015) (defining
15) (defi nin g a broadband
broadb and internet
intcrnet access Teleco mmuni cations Act of
access service) with Telecommunications
1996,
1996 , Pub. L. No. 104- 104-104,
104, § 3(a)(2),
3(a)(2) , 110 Stat.Stat. 56,56 , 58-60 (1996) (co difi ed at 47 U.S.C.
( 1996) (codified 153(24))
U.S. C. § 153(24))
(defining
(definin g an information servicc). service).
231.
23 1. BalkinBalkin,supra 1205 .
notee 19, at 1205.
, supra not
2 3 2 ..
232 Id. at 1221122 1 (quoting NEIL RICI-IARDS,
(q u o tin g NEIL INTELLECTUAL PRIVACY:
RICHARDS, INTELLECTUAL RETHINKING
PRIVACY: RETHINKING
CIVIL
C iv il LLiBERTIE S in
ib e r t ie s D ig it a l AGE
t h e DIGITAL
IN THE 282 (2 015
A g e 282(2 )) .
0 1 5 )).
233. Balkin does does not specify
spec ify the exact ex act scope obliga tions , which may also
sco pe of these obligations,
differ dcpendin
differ dependingg on the informationinformation fiduciary’s
fiduc iary's co commercial
mmerc ial activities. e.g ., Balkin,
See , e.g.,
activities . See, supra note 19,
Balkin , supra 19 , at
1228.
1228.
234..
234 e.g., id. at 1187-94
See, e.g., 1187-9 4 (desc(describing rece nt Facebook
ribin g a recent stud y aimed at
Face book study
manipulating
manipul ating the voting preferences
prefe rences of its users).
use rs).
235.
23 5. See id. at 1227 (" (“It cannot be the case that the basic business model of free or
lt cannol
subsidized online serv services
ices inherently violates fiduc fiduciary
iary obligations therefo re ca
obliga tions and therefore illega l.
cann be made illegal.
‘Fiduciary’
' Fiduc iary' does not mean ‘not profit. "') .
' not for profit.’”).
699
699
Yalc Journal
that fiduciary obligations should
should trigger
trigger liability
liability for possible,
possible , indirect
indirect harms
harms to
cnd-users. 236
end-users.2’6
Nonetheless,
Nonetheless, Balkin
Balkin’s's framework
framcwork can be extended extended to combat
combat the threat
thrcat of
relational control
relational control without
without threatening
threatening the basic viability viability of a free services
services
model. The responsibilities
model. responsibilities of information
information fiduciaries
fiduciaries could be expanded
expanded to
what data companies
limit what companies can sell scll to brokers
brokers and, in particular,
particular , the terms
terms of
agreemcnts. The 2014 FTC report
these agreements. report notes that tbat some
sorne data sellers
sellers demand
demand
237
consumer protections
consumer protections in their contracts
contracts with brokers.2'7
brokcrs. Contractual
Contractual provisions,
provisions,
if consistently
consistently applied
applied across
across most information
information services
services and service
service providers,
providers,
could protect
could protect consumers
consumers to a significant
significant degree
degree from the thc possibility
possibility of
relational control.
relational control. Unlike
Unlike many other other harms
harms associated
associatcd with data broker broker
238
practices,
practices,*" relational control
relational control becomes
becomes a possibility
possibility whenwhen data brokers
brokers sell
consumcr information individuals. Accordingly,
consumer information to individuals. Accordingly, restrictions
restrictions on subsequent
subsequent
sales, re-identifying
sales, re-identifying anonymized
anonymized data, and the thc use of data beyondbcyond a specified
spccified
purposes could
set of purposes could mcaningfully
meaningfully limit the ability ability of interested
interested consumers
consumers to
purchase data.
purchase
While Balkin
While Balkin does not discussdiscuss how or if fiduciary fiduciary obligations
obligations might
Jxtcnd to data sales,
extend sales, his fiduciaries
fiduciaries framework
framework could crediblycredibly be extended
extended to
oblígate companies
obligate companics to store data securely,securely, and restrict
restrict what third parties
parties and
brokers may control,
data brokers control, sell, and use. use . A broader
broader construction
construction of ftduciary
fiduciary
obligations that extends
obligations extends to data sale and storage
storage does not stretch Balkin Balkin’s's model
beyond its intended
beyond intendcd scope,
scope, as restrictions
restrictions on what data can be sold are included included
among the fiduciary
among fiduciary obligations
obligations for doctors
doctors and lawyers
lawyers and, more importantly,
importantly ,
consistent with the general
are consistent general implicit
implicit and explicit
explicit assurances
assurances that information
information
f:duciaries make to consumers
fiduciaries consumers thatthal they
thcy may be trusted
trusted with consumer data. 239
consumer data.239
VI. Doctrinal
Doctrinal Rccornrnendations
Recommendations in Light
Light of Relational
Relational Control
Protecting consumers
Protecting consumers from relational
relational control
control presents
presents a considerable
considerable
challenge, given
challenge, given the inflexible
inflexible state of U.S. privacyprivacy law and the thc legal
challengcs posed
challenges po ed by both the First First Amendment
Amendment and contract
contract law. Further,
Further,
because the threat
because threat of relational
relational control
control both emerges
emerges from a wholly
wholly legal
activity (data purchase)
activity purchase) and is the manifestation
manifestation of quintessential
quintessential human
instincts (to learn about one’s
instincts one's peers
pecrs and make choices choices based
based on that
infonnation), there is no single answer
information), answer to this threat
threat that remains
remains consistent
consistent
with U.S.
with U.S. law. Part VI offers
offcrs some initial doctrinal
doctrinal recommendations
recommendations to protect
protcct
consumers from the
consumers thc threat
relational control.
control. As these
thesc proposals
proposals are the first
respond to the relational
to respond relational control
control harm, they are not exhaustive
cxhaustive and unlikely
unlikely
236. (" everthcles,, if we impose

See id. (“Nevertheless, irnpose fiduciary obligations
obligatiom, that are too broad, it
rnight follow that online service providers
might providers could not make any money at all ali from this data because
becausc the
dua might be used in some
data sorne way to some
sorne end-user's
end-u,er's disadvantage.”).
disadvantage.").
237. Dala Brokers,
See FTC Data Brokers , supra note 4,4. at
al 16-17.
16-17.
238. lntroduction .
See supra Introduction.
239. Balkin ,su
See Balkin, pra note 19,
supra 19. at 1203-05.
700
New Privacy
A New Privacy Hann
Harm
to offer
offer a comprehensive
comprehensive solution. Note invites
solution . This Note invites follow-up proposals and
follow-up proposals
remedies
remedies in the years
years ahead.
A. Congressional Privacy Re
Congressional Privacy forms
Reforms
Congress
Congress should
should pass legislation
legislation that unambiguously
unambiguously protects
protects consumers
consumers
from a significant
frorn significant relational
relational control
control threat:
threat: the content
content and meta-data
meta-data of
electronic
electronic communications.
communications. The SCA prohibits prohibits providers
providers of electronic
electronic
communications
communications services
serv1ces (ECS) (ECS) from from divulging
divulging the contents ofof
the contents
communications
comrnunications to private parties while
prívate parties while those communications are "“in
those communications in
240
electronic storage."
electronic storage.’'"4'1 ltIt also prohibits
prohibits providers
providers of of a remote
remote communications
communications
service (RCS) from
service from divulging
divulging the contents communications "carried
contents of communications “carried or
24 1
maintained
rnaintained on that service.”2
service." 41 However,
However, these prohibitions contain significant
prohibitions contain significant
gaps. The SCA allowsallows entities
entities that qualify
qualify as neither
neither ECSECS nor RCS to disclose disclose
242
communications
communications to third parties,242parties , as well as ECS providers disclose the
providers to disclose
243
content
content ofof communications
communications that are not in electronic electronic storage."4'
storage . Additionally,
Additionally ,
the SCA offers
offers no protections
protections for the metadatametadata associated
associated with the content content of
244
communications.
communications.
Congress should
Congress should claseclose these gaps by passingpassing legislation
lcgislation that prohibits
prohibits any
person
person or entity from disclosing,
entity from disclo sing, without
without consent,
consent, to non-governmental
non-govemmental persons
persons
entities the content
and entities content and metadata metadata of of other
other formsforms of electronic
electronic
communication.
communication. Already,
Already , there is political interest in some
political interest reforms. In
sorne of these reforms.
245
2016,, the House
2016 House of Representatives
Representatives passed passed the Email
Email Privacy
Privacy ActAct,, 419-0.
419-0."42
The House Bill amends amends 18 U.S.C. § 2702 to bar (1) an ECS from selling selling to
third parties
parties the content
content of of any communication
communication “that "that is in electronic
electronic storage
storage
with or otherwise stored,
otherwise stored, held , held, or maintained
maintained by that service,”
service ," and (2) an RCS
from
frorn selling
selling to third parties
parties the content
content of any communication
communication communications
communications
246
"“that
that is stored, held,
he ld, or maintained
maintaincd by that service."
service.”246 This expand s
Thi s language expands
the scope
sco pe of of the SCA to protect the content cont ent of of aallli w
wire
ire and electronic
electro nic
communications
co mmunic ation s that are controlled
contr olled by an EC ECSS or RCS.
RCS.
240.
240 . 18 U.S.C.
U.S .C. § 2702(a)(1)
2702(a)( I) (2012).
(201 2) .
241.
241 . 18 U.S.C.
U .S.C . § 2702(a)(2)
2702(a)(2) (2012).
(201 2).
242. Sec See Wesley
Wes ley College
Co llcge v. Pitt
Pitts,
s, 974 F. Supp.
Supp . 375 (D.(D . Del. 1997) (“Thus,
("Thu s. a person
who docs
does not
nor provide
prov ide an electronic
elecrro nic communication
com muni cation service
serv ice (like Ferguson and Hud Hudson)
so n) can
ca n disclose
disclose or
use with
wirh impunity
impun ity the contents of an electronic communication
clcc tronic co mmu nication unlawfully
unlaw fully obtained
obtaincd from electronic
storage.”).
storage."').
243.
24 3. Jennings
See Jennin gs v. Jennings, 7366 S.E
Jennin gs . 73 S.E.2d 242, 245
.2d 242,2 45 (S (S.C. 2012)
.C . 201 2) (holding that emails
"“were electronicc storage.,
we re not in electroni storage” afrcr
after plaintiff
plaintiff “left
"left the single copie
copiess of
of his e-mails on the Yahoo!
Yahoo 1 server
and apparently did not download thcm them or save anoth
another of them in any other location”).
er copy ofthem location") .
244.. Cf. 18 U
244 U.S.C. 2702(a)(3) (2012) (prohibitin
.S .C. § 2702(a)(3) (prohibitingg an ECS or RCS from “knowingly
"knowingly
divulgfingl
divul g[ingl a record or other information pertaining
pcrta ining to a subscriber .... . . to any government entity”).
gove rnment entity").
245.. H.R.
245 H.R. 699, 114th Cong. Con g. (2016),
(2016 ) . http://www.congress.gov/bill/114th-
http ://www. con gress .gov/bill/11 4th-
congress/house-bill/699/text;
co ngress/ house-bill /699/text ; Dustin Volz, Email ail Privacy Bill
E111 Bi/1 Unanimously
U11a11i111ous/y Passes U.S. House,1-/ouse ,
REUTERS
R EUT ER (Apr.
(Apr. 27, 2016, 2016 , 4:56 AM), AM) , http://www.reuters.com/article/us-usa-congress-email-
http://www.reut ers.com/article /us-usa-congress -email-
idUSKCN0XOlJ7.
idUSK CNOXO IJ7 .
246.
246. H.R. 699,
699, 114th Cong.
Cong . § 2(a)(l)(A)-(B) (2016).
2(a)( l )(A)-(B) (201 6).
701
Y ale Journal
Yale Journal on Rcgulation
Regulation 34, 2017
Vol. 34,
The Email Privacy Act does doe s not currently

currcntly impose
impo sc any restrictions
rcstrictions on any
person or entity
person entity that does not qualify
qualify as an ECS or RCS but nonetheless nonethcless might
somchow acquirc clectronic communications.
somehow acquire electronic communications. The Email Email Privacy
Privacy Act also does
addrcss the sale of
not address of metadata—which
metadata - which can provide provide clear
clear maps of social
relationships
relationships and how they evolve evolve over
over time. When
When the Senate
Senatc next considers
considers
Email Privacy
the Email should (1) amend
Privacy Act, it should amend the proposed
proposcd legislation
legislation to move
away from an entity-centric
away cntity-centric regulatory
regulatory model with respect rcspcct to the thc sale of
communication
communications, s, and (2) adopt
adopt new protections
protcctions against
against the commercial
commercial sale of
metadata . Such an amended
metadata. amended EmailEmail Privacy
Privacy Act wouldwould provide
provide meaningful
meaningful
protection against
protection against thethc abuse
abuse of a particularly
dangcrous typetypc of data. The law
would also
would reflcct both Congress’s
also reflect Congress's longstanding
longstanding preference
preference for narrow
narrow privacy
privacy
reform s and longstanding
reforms longstanding U.S. commitment
commitment to the privacy privacy of written written
· 247247
expression.
exprcss1on .
Congress could
Congress could make
makc an array
array ofof changes
changes to existing
cxisting federal
federal statutes
statutes and,
rcsult , meaningfully
as a result, meaningfully limit (but not eliminate) eliminatc) the threat
thrcat of relational
rclational
248
control.
control.' Howcver
However these changeschangcs are unlikely,
unlikely , due
duc to the
thc fact that data sale
has become
become such such an important
important part of the internet
internct economy,
economy, the difficulty
difficulty
inhercnt mounting a major lobbying campaign,249 249
inherent in mounting major lobbying campaign , and that Congress Congress is likely
prioritize privacy
to prioritize privacy reforms
reforms in the national
national security
security space in the thc near
near term
tcrm over
those in the commercial
those sphcre .250 Additionally,
commercial sphere.250 Additionally , while
whilc updating
updating existing
cxisting
privacy rules in laws such as HIPAA
privacy HIPAA and FERPA FERPA would would likely
likcly prove
bencficial, it could
beneficial, could also have have unintended
unintcndcd negative
ncgativc effects
cffects on the economy,
economy,
removing
removing a significant
significant income stream
incomc stream from free applications
applications and sites sitcs that
collect data related
collect relatcd to one’s health or education.2^1
one's health 251
education.
B. Privacy
B. Priva cy Torts Reconsidered
Common law courts

Common courts could
could also provide
provide an ex post remedy
remedy for victims
victims of
relational control
relational control and related
relatcd privacy
privacy harms
harms by extending
extcnding existing
cxisting privacy
privacy and
negligcnce rcflect contemporary
negligence torts to reflect contemporary technological
tcchnological sensibilities.
sensibilitics.
247. See 18 U.S.C. § 1702 (2012) (201 2) ("Whoever

(" Whoever takes any letter,
letter, postal
pos tal card,
ca rd , or package
pac kage
fof another)
[of ano ther J . .... or ope ns. secretes, embezzles, or
opens, o r destroys the same,
same. shall
shall be fined
fincd under this title or or
impri so ned not
imprisoned nor more than five years,
yea rs, or both.*’).
both ."').
24 8.
248. general/y supra Parts II
See generally TI & IV.
lV .
249 .
249. See
See,, e.g., Ohm , supra note 16,
e.g., Ohm, 16, at 1140.
1140.
250. See, e.g., Richard A A.. Hertling
Hertlin g & & Kaitlyn McClure,
McClur e, In
/11Congress: Trade. Privacy,
Pril-acy .
Fiscal 20 17, L
."'isca l Year 2017, LAW360
aw 360 (Apr. 24.20 16), http://www.law360.com/articles/788308/in-congress-trade-
24. 2016), http ://www .law360 .com/ articl es/788308/ in-co ngres s-trade-
privacy- fisca l-ycar-201 7; Republican/Conservative
privacy-fiscal-year-2017; Republicc111 /Co11serva1ive Bills
Bilis Supported
Supp orted and Opposed,
Opposecl, M ap L iGHT (Jan.
MAPLIGIIT (Jan . 25,
25 ,
201 7), http://maplight.org/us-congress/interest/Jl
2017), http ://maplight.or g/us-congress/ interest/J 1100/bills.
25 1. See, e.g.,
251. e .g., Thorin Klosowksi, um ooff Health
Kloso wk si, Lots /l ea/ti, Apps
App s Sell
Sel/ Your Data.
Data. Here's
1/ere's Why,
Why.
LIFEIIACKER (May 9, 2014,
LlFEHACKER 20 14, 10:00 AM). http ://lifehacker.com/lots-o f-hea lth-apps-are-s ellin g-yo ur-dat a-
AM), http://lifehacker.com/lots-of-health-apps-are-selling-your-data-
heres-why- l 574001 899.
heres-why-1574001899.
702
A New
New Privacy
Privacy Harm
1. Peer Data Purchase

1. Peer Purchase as Privacy
Privacy lntrusion
Intrusion
The Second Restatement of Torts defines

Second Restatement defines the tort of intrusion intrusion upon
seclusion
seclusion as follows:
follows: “[o]ne
"[o]ne who intentionally
intentionally intrudes, physically or otherwise,
intrades, physically otherwise,
upon the solitude
solitude or seclusion
seclusion of another
another or his privateprívate affairs
affairs or concerns,
concerns, is
subject
subject to liability
liability to the other
other for invasion
invasion of his privacy, intrusion would
privacy, if the intrusion
252
be highly offensive
oflensive to a reasonable
reasonable p e r s o "n . TThe
person. h e Restatement's
Restatement’s CommentsComments
clarify
clarify that the intrusion intrusion may involve involve sornesome form of investigationinvestigation or
examination into a person’s
examination person 's private
private concerns,
concerns , "as “as by opening
opening bis his private
prívate and
personal
personal mail mail, , searching
searching his safe
safc or his wallet,
wallet, examining
examining his prívate
private bank
account,, or compelling
account compelling him by forged forged court order order to permit
permitanan inspection
inspection of bishis
253
personal
personal documents.”253
documents." possible that courts could view the purchase
Thus, it is possible
Thus, purchase
of a peer’s sensitive data-
peer ' s sensitive data— such as their emails or GPS data—as
their emails data- as an
investigation tbat
investigation that intrudes
intrudcs on their
thcir seclusion.
seclusion.
Courts
Courts to date have held that the thc sort of incursions
incursions uponu pon privacy
privacy that result
result
254
from data sale fall well short of the “highly "highly offensive” standard. 4 Relational
offensive " standard." Relational
control
control poses two new dilemmas dilemmas for common conunon law courts to consider consider in the
years ahead.
ycars ahead. First, as a preliminary
preliminary matter, whether a plaintiff
matter, whether plaintiff can claim a
privacy
privacy interest
interest in the data that are legally controlled controlled by a third party. Second Second,,
whether
whether an acquaintance’s plaintiff's data is highly offensive
purchase of the plaintiffs
acquaintance's purchase offensive to
a reasonable
rcasonable person.
ltIt is a structural
structural fcature
feature of
of the
thc digital
digital age that one’s one ' s personal
personal data, over ovcr
which
which it was once possible possible to exercise
exercise sole control,control , are now inevitably
inevitably
255
possessed
possessed by some sorne third parties."
parties. 5 Whatever
Whatever one does online online will be recorded
recorded
by many entities—among
many entities - among them the commercial
comrnerciaJ ISPs,
ISPs , third party advertisers,
advertisers ,
host websites
websites (as well as perhaps perhaps an array of state intelligence agencies).
statc intelligence agencies).
Internet users
Internet users should
should not lose their privacy
privacy interests
interests in theirthcir most intimate
intimate data
simply because
simply structure of
because the structure of the internet
intemet does not allow allow them to operateoperate
online without
online without sornesome actors
actors gaining
gaining control
control over over the records
rccords of their onlineonline
256
activity.256
activity. This view is supported
supported by Justice concurrcnce in U.S.
Sotomayor’s concurrence
Justice Sotomayor's U.S.
252.
252. R
RES TATEMENT (S
estatement (SECON D)) of
econd OF T
TORTS § 652B (Am. Law
orts L aw Inst.
ln st . 1977) (emphasis
(emphasis
added).
addcd).
253.
253. Id. emt
cmt b.
b.
254. See supra Section II.B. I1.B.
255. Cf.
Cf. Robert
Robcrt S. Litt,
Litt , The Fourth Amendment
Founh Amendm ent in the Information Age, 126
o11Age,
!11for111ati 126 YALE
Y ALE
L.J.F.
L.J.F. 8, 15
15 (Apr.
(Apr. 27, 2016) (" (“To
To this
this extent.
extent, 1 I agree w with
ith those
those who criti
criticize
cize the proposition that
the broad proposition
any
a11y information
in formati on that is disclosed to third thircl parties
parties is
is outside the protection
the protecti on of the Am enclment .
the Fourth Amendment.
Courts can appropriately
Courts appropriately take into account whether informationinformation is content or non-content inform ati on,
information,
whether it is publi
publicly disclosed
cly di sclosed through social media or is storecl stored in the equivalent
equival en! of of the cloucl,
cloud, or
whether its exposure is '‘voluntary'
its exposure voluntary ' only in the the most technical senscsense because
because of the demands
the cl modern
emancls of modern
technology.”
tcchnology (emphasis in original))
." (emphasis
256.
256. See Mary
M ary Madden,
Maclden, Public
Publi c Perceptions
Percepti ons of o f Pri
Privacy
vacy and Security in the Pos Post-
t-
Snowden
Sno wden Era, (Nov.. 12, 2014)
Era , PEW (Nov 2014)., http://www.pewintern
http://www.pewinternet.Org/2014/l
et.org/2014/11l/12/public-privacy-perceptions
/12/publ ic-pri vacy-perceptions
(“91%
("9 1% ofof adults
aclults in the survey ‘agree’
' agree' or ‘strongly
'strongly agree' that consumers
consumers havehave lost control over how
personal information
informati on is collected
coll cctecl and used by companies.”).
companies.") . Even Even the technologies
technologies that allow
“anonymous
•·anony mous browsing”
browsing" should probably not be viewed as as reliably prívate, as
reliabl y private, as intelligence and both
intelli gence and
703
Yale Journal
Regulation Vol. 34,2017
34, 2017
v. Jones,
v. Janes, which
which pushed
pushed back on the idea that third party possession possession of data
257
invalidates an expectation
invalidates expectation of privacy
privacy from otherother third parties.2
partics. 1'7 As a threshold
threshold
determine whether
issue to determine whcther certain
certain instances
instances of relational
relational control
control may constitute
constitutc
a tortious
tortious invasion
invasion of privacy,
privacy, courts
courts should
should recognize
recognize a continued
continued privacy
privacy
interest in private
interest privatc information
information that necessarily
neccssarily must exist exist in the hands
hands of certain
certain
third parties.
partics.
recognize an intrusion
In order to recognize intrusion tort for certain
certain instances
instanccs of relational
relational
control, courts
control, courts wouldwould need to find that the thc intruder’s
intrudcr's purchase
purchase of data was
"highly offensive.”
“highly offensive." Some Sorne courts
courts have interpreted
intcrpreted the “highly
"highly offensive”
offensive"
standard as an unreasonably
standard unreasonably high bar to recognizing recognizing intrusion
intrusion case. For
example, some
example, sorne courts have held hcld that an individual's
individual’s unauthorized
unauthorizcd access
acccss of
258
another's email failed
another’s failcd to meet the standard
tandard for “highly
offcnsive" behavior,2
behavior, 1,8
interpretation that seems
an interpretation scems unreasonable
unreasonable givengivcn that the Second
Second Restatement’s
Restatement's
._,omment includes
comment includes the opening
opening of mail as an exampleexample of intrusion.
intrusion. Similarly,
Similarly, it
would seem that a consumer’s
would consumer's purchase
purchase of another’s
another's GPS data or bank
transactions could constitute
transactions constitute an intrusion
intrusion upon
upon that person’s
person 's seclusion.
scclusion.
prohibition that target’s
A legal prohibition target' the purchaser’s
purchascr's behavior
behavior nevertheless
nevcrtheless also
invites pitfalls.
invites pitfalls. An overbroad
ovcrbroad interpretation
interpretation of “highly"highly offensive”
offensive" could
undennine the value
undermine value of consumer
consumer data that is i sold to commercial
commercial entities
entities for
advertising purposes.
advertising purposes. Similarly,
Similarly, an expanded
cxpandcd intrusion
intrusion tort could chill digital
digital
consumers' acquisition
consumers’ acquisition of consumer
consumer information
information for non-harmful
non-harmful ends.end . As
courts consider
courts considcr the specific
specific fact patterns
patterns that wouldwould trigger
trigger liability
liability for
intrusion, courts
intrusion, courts should
should understand
understand “highly
offensive" in light of evolving
evolving
activity, while
norms of digital activity, while being
bcing careful
careful not to invite over enforcement
enforcement
with too broad construction. 259
broad a construction.259
government and commercial

government commercial entities
entities will remain in a tug of war over over activity
activity that takes
takcs place over
over these
technologies.
technologies.
257. See 565 U.S. 400, 400, 418 (Sotomayor,
(Sotomayor, J., concurring)
concurring) ("But
("But whatever
whatcver the societal
societal
~xpectations. they can attain constitutionally
expectations, constitutionally protected
protccted status
status only if our Fourth Fourth Amendment
Amendment
jJrbprudence ceases
jurisprudence ceases to treat secrecy
sccrecy as a prerequisite
prcrequisitc for privacy.
privacy. I would
would not assume
assume that all ali
i,fonnation voluntarily
information voluntarily disclosed
disclosed to somesorne member
membcr of the public for a limited limited purpose
purpose is, for that reason
llone, disentitled
alone, discntitlcd to Fourth Amendment
Amendment protection.”).
protection.'"). See also
a/so id. at 427-29
427 -29 (Alito,
(Alito, J.,
J. , concurring)
concurring)
:-:,bserving that privacy
(observing privacy expectations
expcctations are in flux in the new ncw technological
technological environment
environment that allows allows
,•1ireless carriers
wireless carriers to store precise
precise GPS data, data , and arguing
arguing that legislatures
legislatures are better
bettcr suited
suitcd than courts
courts are
-o address
:o address privacy
privacy standards).
standards).
258. See, e.g..
e.g .. Smyth v. Pillsbury
Pillsbury Co.,
Co .. 914 F. Supp. 97, 11 11 I.E.R.
I.E .R. Cas. (BNA)
(BNA) 585, 585. 131
131
_a b.. Cas.
-ab (CCH) Jl/ 58104
Cas. (CCH) 58104 (E.D. Pa. 1996) (applying(applying Pennsylvania
Pennsylvania law,law , holding
holding that despite
dcspite assurances
assurances
communications would
that e-mail communications would not be intercepted,
interccpted, management's
management ' s confiscation
confiscation of an employee’s
employec's
email was not highly offensive offensive because
bccausc the emails
emails sent
sen! included
includcd inappropriate
inappropriate and unprofessional
unprofessional
comments): Thompson
comments); Thompson v. Ross, 201 O WL 3896533
Ross, 2010 3896533 (W.D. 201 O) (applying
(W .D. Pa. 2010) (applying Pennsylvania
Pennsylvania statestatc
c::unmon law,
common law. dismissing
dismissing plaintiffs
plaintiffs claim
claim that his ex-girlfriend
ex-girlfriend had provided
provided hishi personal
personal computer
computer to
coworkers, who were able to gain,
coworkers, gain. search,
search, and extract
extract old emails
emails from the computer
computcr hard drive,
drive, because
because
h~ failed
he failcd to show that his employer
employer invaded
invadcd his privacy).
privacy).
259. example, it might be unwise
For example, unwise to expand
expand intrusion
intrusion doctrine
doctrine such that it covers
covers
b~havior like
behavior likc the hypothetical
hypothetical that opened
opcned this Note,
Note, as it is increasingly
increasingly common
common practice
practice toto research
rcsearch a
n,~w person
new pcrson before
bcfore you meetmect them.
them. Cf. Maureen
Maureen O O'Connor
’Connor,, The NewNell' Abstinence:
Absti11e11ce:Not Googling
Googling Your
Oate, NYM
Date, NYMAG (Junc 22, 2014),
aG (June 2014), http://nymag.com/thecut/20l4/06/new-abstinence-not-googling-your-
http://nymag.com/thecut/2014/06/new-abstincnce-not-googling-your-
date.html.
d.1te.html.
704
•704
A New Privacy
Privacy Harm
Harm
Unrestrained Data Sale as Ncgligent

2. Unrestrained Negligent
While
Wbile an expanded intrusion tort could allow certain
expandcd intrusion certain victims relational
victirns of relational
control
control to sue their controller,
controller, common
cornrnon law courts could
could also expand
expand
negligence
negligence doctrine
doctrine to allow
allow suit against
against the data seller, taking
taking the route of
route
chopping at supply rather
chopping rathcr than demand. noted , courts to date have been
demand. As noted,
260
leery to find data brokers
brokers negligent contcxt.
negligent in the data sale context.260 However,, given
However
the permanence
perrnanence of data and the breadth
brcadth of its subsequent
subsequent uses, courts should
uses , courts
consider
consider whether sensitive data (in type or scope)
whether sales of highly sensitive - particularly
scope)—particularly
with no contractual
contractual restrictions
re trictions on subsequent
subsequent use or sa sale—place consumers at
le- place consumers
unreasonable
unrca sonable risk.
C. Protections
Frameworks as Ex Post Protections
Balkin and Ohm Frameworks
C. Balkin
As discussed
discussed in Part V, Balkin Balkin and Ohm each advance tbat
proposals that
advance proposals
could
could protect consumers from this new avenue
protect consumcrs abuse, while still
digital abuse,
avcnue for digital
accommodating a digital
accommodating environment that places highly
digital environment highly sensitive information
sensitive information
in the hands
hands of a diverse
di verse array commercial entities.
array of commercial
Ohm’s
Ohm's proposal
proposal should
should be expanded rcgulations to
expanded in federal and state regulations
construe a far wider
construe wider category
category of information
information as sensitive. governing
sensitive. U.S. laws governing
sensitive
sensitive data should
should recognize
recognize not only comrnunications metadata, but also
communications metadata,
new data types—
types- including calendar data
including calendar data,, browsing
browsing history, network
history , social network
data,
data , purchase
purchase records, other information
records, and other information that couldcould provide insights into a
provide insights
person’s personality
person's personality and habits.
habits. Expanding
Expa nding the data types that U.S. law
recognizes
recognize s as sensitive
sensitive would
would trigger
h·igger various
various regulatory protections - including
regulatory protections— including
FIPPs of
the FIPPs of "purposc
“purpose specification"
specification” and "use limitation "- for data that could
“use limitation”—for
261
be particularly harmful in the context
particularly harmful context of relational control.2
ofrelational control. 61
This recommendation
recommendation could prove costly, costly, as expanding
expanding the types of data
that regulators
regulators consider sensitive
considcr sensitive wouldwould likely
likely increase
increase the proportion
proportion of
companies
companies that need to submit submit to burdensome
burdensome regulatory safeguards. Over-
regulatory safcguards.
protective regulations
protective regulations could also curb the development
development of many important,
important, pro-
societal benefits
societal benefits that stem fromfrom the efficient
efficient commercia
commerciall access consumer
access to consumer
262
data.262
data.
Balkin’s conception
Balkin's conccption of information fiduciaries should
information fiduciaries construed to
should be construed
require companies to limit the risk of privacy
require companies privacy harms secondary
barm s that stem from secondary
use. The framework
framework should
should support
support regulations
regulations that could,
could, for example, requirc
example, require
companies
companies to encrypt
encrypt data while storage and allow data sale only in the
while in storage thc
context
context of contractual
contractual rules that forbid forbid re-identification subsequent,
re-identification and subsequent.
260.. See
260 See supra
supra Section
Section IITl.B.
.B.
261.
261. Ohm.
Ohm , supra note 16,16 , at 11138.
138.
262.
262. This Note has not extensively
This Note extens ive ly explored
cxplored the benefits
bcnefits of our current data broker
brokcr
regime. See,, ee.g.
regime. See g .., Ohlhausen
Ohlhausen & Okuliar,
Okuliar, supra note 16, at 121-24
121-24 (describing consumer
(describing a broad array of consumer
and societal
societal benefits
benefits advanced
advanced by data
data availability
avai labi lity in the United States). These benefits
States). These bencfits require careful
require careful
weighing
weighing of the regulatory intervcntion .
regulatory intervention.
705
Y ale Journal
Yale Joumal on Regulation
purpose-flexible resale.
purpose-flexible resale. Such
Such duties
duties would
would limit brokers’
brokers' access
access to consumer
consumer
263
also likely
data, but also likely impose
impose transactional
transactional costs.263
costs.
Privacy Opt-ins
D. Privacy Opt-ins fo
forr Data
Data Sale
Sale
Privacy policies
Privacy policies remain
remain a particularly
particularly fertile
fertile ground
ground for privacy
privacy reform.
reforrn.
The FTC's Section
The FTC’s Section 5 enforcement
enforcement actionsactions take aim at companies
companies that lack
privacy policies
privacy policies and at those thosc whose
whose behavior
bchavior deviates
dcviates from their their stated
stated
264
policics.
policies."64 A Solove
As Solove and others
othcrs have
havc noted,
notcd, opt-outs
opt-outs are common
common provisions
provisions
privacy policies,
in privacy policies, often
often requiring
requiring a consumer
consumer to checkcheck a box,
box , call, or mail
rnail the
company within 265
company within a certain
certain time
time period
period to confirm
confirm their
their choice.265
choicc. However,
Howevcr, opt-
come with risks,
outs also come risks, including
including a consumer’s
consumer's implied, unwitting consent
implied, unwitting consent to
266
policies
policies that may prove dctrimental.
prove detrimental."66 In order ordcr to avoid
avoid setting
setting consumers
consumers up
"deals," the FTC should
for bad “deals,” should explore
explore requiring
requiring companies
companies to include
include a
narrow set of clear,
narrow clcar, logistically
logistically smooth
smooth opt-in
opt-in provisions
provisions regarding
regarding thethc sale of
collccted data. Requiring
collected companies receive
Requiring that companies rcccive fromfrorn consumer
consumcr consent
consent that
reduetion or denial
was not tied to a reduction denial ofof service
service would
would provide
provide a strong
strong
mechanism for consumers
mechanism consumcrs to protect
proteet themselves
themselves against
against the threat
relational
control.
control.
These proposed
These proposed changes
changes to privacy
privacy doctrine
doctrine will not inoculate
inoculate consumers
consumers
from the threat relational control,
control, nor are they they immune
immune to criticism.
eriticism.
Howcver, in tandem
However, tandem or in isolation,
isolation, these
these proposed
proposed shifts
shifts to U.S. privacy
privacy law
will help manage
manage a problem,
problem, which,
which, unconstrained,
unconstrained, may only only grow
grow in extent
extent
and intensity.
intcnsity.
Conclusion
Conclusion
Under the current

Under current legal regime,
regime , a person’s
pcrson 's intimate
in ti mate information
information can be
acquired by someone
acquired someone in hisbis or her social
social or professional
professional circles
circles for the purpose
purpose
of exercising
of exercising control.
control. This
This threat
threat is growing
growing and adds adds to thethc imperative
imperative that
digital privacy
digital privacy be properly
properly protected.
protccted. Although
Although a decisive
decisive solution
solution to this
problem may
problem may prove
prove elusive,
clusive, there
thcre are a handful
handful of doctrinal
doctrinal reforms
reform that, if
implemcnted,
implemented, will significantly reduce
significantly reduce consumer
consumer exposure
exposure to relational
relational control.
control.
relational control
The relational control problem
problem also underscores
underscores the thc oft-overlooked
oft-overlooked
-::ontextual features
contextual of digital
features of digital privacy.
privacy. As society
socicty has moved
moved from
from the analog
analog to
digital age,
the digital agc, individuals
individuals have
have lost the ability
ability to exercise
cxercise sole control
control over
over
their privatc information
their private information.. TheThe records
rccords of digital
digital activity
activity are controlled
controlled by many
263. See also a/so Sebastian

Scbastian Zimmeck,
Zimmcck, The Information
/11formario11 Privacy Law
Law o off Web Applications
,.md Cloud Co111puti11g,
and Computing, 29 SANTA SANTA CLARA COMPUTERCOMPUTER& & HIGH
HIGII TECH.
TECII. L.J.
L.J.451
451 (2013).
264. See, e.g., Solove & Hartzog, 1-lartzog.supra note 102, at 598.
265. See, e.g., DANIEL
DANIEL J. SOLOVE
SOLOVE & PAUL M. SCHWARTS,
& PAUL SCIIWARTS. INFORMATION
INFORMATIONPRIVACY
PRIVACY
LA
L w 828-35 (5th ecdd ,,., 2015); SSovcrn,
aw o v e rn , supra nnote
o te 177.
177.
266. Solovc. supra note 16 (critiquing
Solove, (critiquing “privacy
'·privacy self-management”
self-managemcnf' as as failing
failing to
provide people with
provide with meaningful
meaningful control
control over their
their data).
706
706
A New
New Privacy
Privacy Harm
Harm
actors,, from private

actors ISPs to statc
private ISPs state intelligence services,, which
intelligence services which exist
exist beyond
beyond a
consumer’s ability to meaningfully
consumer's ability influence them.
meaningfully influence
Privacy violations
Privacy violations that lead to relational control are inherently
relational control context
inberently context
dependent.
dependent. TbeThe data that might
might be harmless
hannless in the hands
hands of an
ao entity
eotity like
Facebook or a federal
Facebook federal agency
agency can be dangerous
dangerous if possessed professional
possessed by a professional
or social
social rival. Any
Any legal intervention
intervention that aims to protect consumers from
protect consumers from
relational control must
relational control must recognize
recognize this contextual
contextual feature
feature of privacy - tbat what
of privacy—that
is important
important is not only what others
others may know but also who may rnay know it.
707
Copyright of Yale Journal on Regulation is the property of Yale Journal on Regulation and its
content may not be copied or emailed to multiple sites or posted to a listserv without the
copyright holder's express written permission. However, users may print, download, or email
articles for individual use.

Rostow-What Happens When An AcquaintanceBuys - U - Data-2017 PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Rostow-What Happens When An AcquaintanceBuys - U - Data-2017 PDF

Uploaded by

Copyright:

Available Formats

Acquaintance Buys Your

What Happens When an Acquaintance

Data brokers have begun to sell consumer information

Imagine that you are about

22.. Aritra Sarkhel

While most brokers

Considering a New Privacy

Over the past two decades,

Brokers, supra note 4, at 17 (describing (describing self-imposed

15. See, e.g., STEWART

l.I. The Data

35. Schmitz, .supra

The data broker

B. Data Sales to Indi vidual Consumers

Selling big data is lucrative.

With few exceptions,

A. Statutory Priva cy Protections

54. See GAO Information

62. See 42 U.S.C. § 1320(d)(2)

private social networks

B. Judicial Priva cy Prot

8 1. California Social Media Privacy Act of 2012, CAL.

particularized, 87 (2) “fairly

87. See sources circd in supra note 14

96. Brian Fung

violated the FCRA

obstacle to the selling

This Part introduces

105. Stipulated Final Judgment

There may be legitimate

Informational Asymmetries as Tools far

network data can similarly

116. See, e.g., Jure Leskovec,

Suggestt Private Consumer lnformation

With each digital advancement

brokers make hundreds

13 1. See GAO Information

t h emse 1ves sell se 11

153. See e.g.,

examine the prominent

166. See Data Brok Broker Acco untabilit y and Tran

offercd by the authors—

B. Reforms forr Information

In addition proposals to regulate

174. See id. at 346-49.

Organization of Economic Cooperation and Development (OECD)); see a/so

191. Atan Henry,

V. “Information Fiduciaries”" and “Sensitive

While most proposed

Approach es to Consumer Prot

197. See, e.g., Craig

Balkin's proposal, on the other

B. Sensitive Data and Relational

Balkin also looks to jumpstart

236. (" everthcles,, if we impose

The Email Privacy Act does doe s not currently

Common law courts

247. See 18 U.S.C. § 1702 (2012) (201 2) ("Whoever

1. Peer Data Purchase

The Second Restatement of Torts defines

government and commercial

Unrestrained Data Sale as Ncgligent

Under the current