Hostname: page-component-78c5997874-g7gxr Total loading time: 0 Render date: 2024-11-04T18:22:43.615Z Has data issue: false hasContentIssue false

Navigating the Incoherence of Big Data Reform Proposals

Published online by Cambridge University Press:  01 January 2021

Extract

The health care industry will be a large customer of big data while predictive analytics already underlie important health care and public health initiatives. Yet big data are not benign. For example, data brokers, the businesses that buy, process, and sell “big data” are performing an end-run around health data protection by creating data “proxies” outside of HIPAA-protected space. From 2012-14 various branches of the federal government published five major reports on privacy. All five were in favor of increased regulation of data brokers. However, their recommendations for legislative or regulatory intervention were quite diverse. This essay describes the various proposals and offers a critical synthesis.

Type
JLME Supplement
Copyright
Copyright © American Society of Law, Medicine and Ethics 2015

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Terry, N., “Protecting Patient Privacy in the Age of Big Data,” UMKC Law Review 81 (2013): 385415; Terry, N., “Big Data Proxies and Health Privacy Exceptionalism,” Health Matrix 24 (2014): 65–108.Google Scholar
Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy (2012), available at <http://www.whitehouse.gov/sites/default/files/privacy-final.pdf> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
Id., a t 13.Google Scholar
Federal Trade Commission, Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers (2012), available at <http://www.ftc.gov/reports/protecting-consumer-privacy-era-rapid-change-recommendations-businesses-policymakers> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
Id., at vii.Google Scholar
Id., at iv-v, 73.Google Scholar
See “Data Proxies,” supra note 1.Google Scholar
See e.g., “The NSA Files,” The Guardian, available at <http://www.theguardian.com/world/the-nsa-files> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
The White House, Big Data: Seizing Opportunities and Preserving Values, available at <http://www.whitehouse.gov/sites/default/files/docs/big_data_privacy_report_5.1.14_final_print.pdf> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
The White House Blog, “Big Data and the Future of Privacy,” January 23, 2014, available at <http://www.whitehouse.gov/blog/2014/01/23/big-data-and-future-privacy> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
See White House, supra note 9, at 48, 51, 60.Google Scholar
Id., at viii–ix.Google Scholar
FTC § 5(a)(1) “Unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce, are hereby declared unlawful.” F.T.C. v. Wyndham Worldwide Corp., (D. NJ 2014) (FTC had authority to regulate companies' failure to maintain reasonable and appropriate data security).Google Scholar
See, e.g., In Re LabMD, available at <http://www.ftc.gov/system/files/documents/cases/140520labmdmotion.pdf> (FTC asserts jurisdiction notwithstanding defendant may be subject to HIPAA) (last visited February 12, 2015).+(FTC+asserts+jurisdiction+notwithstanding+defendant+may+be+subject+to+HIPAA)+(last+visited+February+12,+2015).>Google Scholar
Id., at 40–50.Google Scholar
Letter from FTC Commissioner Jessica Rich to National Telecommunications and Information Administration, August 1, 2014, available at <http://www.ftc.gov/system/files/documents/public_statements/573301/140801bigdatacomment.pdf> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
Case C-131/12 Google Spain SL v. Agencia Española de Protección de Datos, 2014, available at <http://curia.europa.eu/juris/document/document.jsf?text=&docid=152065&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=19683> (last visited February 12, 2015).+(last+visited+February+12,+2015).>Google Scholar
White House Consumer Privacy Bill of Rights, 2015, available at <http://www.whitehouse.gov/sites/default/files/omb/legislative/letters/cpbr-act-of-2015-discussion-draft.pdf> (last visited March 4, 2015). Based loosely on the 2012 White House framework the draft bill suggests an over-reliance on industry codes of conduct while preempting more protective sate laws.+(last+visited+March+4,+2015).+Based+loosely+on+the+2012+White+House+framework+the+draft+bill+suggests+an+over-reliance+on+industry+codes+of+conduct+while+preempting+more+protective+sate+laws.>Google Scholar