I recently published this article here, as a part of the DigiChina Project, based at the Stanford University Cyber Policy Center and a joint effort with New America.
Privacy and Commercial Speech
California AG office on March 11th released a second round of modifications for their proposed regulations to implement the California’s Consumer Privacy Act, aka CCPA, among which Section 999.315(d) gives consumers a global opt-out option through a single-click button embedded in the browser. If the rule gets passed, consumers can stop companies from “selling” (as broadly defined by CCPA) their...
A First Observation of Privacy Law in the Asia-Pacific Region
Recently I completed a research project on Asia-Pacific privacy law, which satisfied my long-time craving for exploring in details the privacy law and enforcement regime of this region beyond mainland China. After reading the statutes, government reports, and articles relating to South Korea, Japan, Singapore, India, Australia, Hong Kong, Taiwan, Malaysia, Philippines, Thailand, and Vietnam, I...
When Data Protection Meets Competition Law
On February 7, 2019, German’s antitrust authority, the German Federal Cartel Office (“FCO”), issued a decision about the abuse-of-dominance rules, to ban Facebook from combining user information collected from non-Facebook platforms – including Facebook-owned services like WhatsApp and Instagram, and other third-party websites and mobile apps – and associating the information to user’s Facebook...
Ad-Tracking Consent & The Dilemma: Some Thoughts on the Washington Post Case
A recent UK decision on online ad-tracking consent attracts my attention as it targets a novel attempt by the Washington Post towards GDPR compliance, which seemingly puts a price tag on privacy rights for users to avoid online tracking when enjoying the service. I find this decision is not convincing and could cause a tough dilemma for business compliance. According to The Register, the...
Is China Converging With EU on Personal Information Protections?
China is moving fast building up its data regulation regime. In June of 2017, China’s Cybersecurity Law came into force, the first national-level and cross-sector legislation in China to protect personal information. Since 2017, China also has launched a pragmatic guidance Information Security Technology – Personal Information Security Specification (“Specification”) and the...
A Tech-Savvy Court Behind Carpenter v. United States
For a long time, the Supreme Court has been criticized as tech-phobic and old-school, not keeping pace with technology evolvement. But through Carpenter v. United States, a recent Supreme Court decision regarding the cell-site location information (CSLI) search, I saw a tech-savvy bench vigorously trying to adapt the old Constitutional Law to the ever-evolving technologies. In case the background...
Refocusing the Privacy v. Security Debate – A Late Book Review on “Nothing to Hide: The False Tradeoff between Privacy and Security”
We should not — and don’t need to — trade privacy off in order to be more secure. In his book Nothing to Hide: The False Tradeoff between Privacy and Security, Professor Daniel Solove explains why and how to achieve this by revealing the fallacies underlying many pro-national security arguments, including the mistaken views about privacy protection and its costs and benefits. This book was...