In case you missed my recent webinar with Laura Riposo VanDruff and Jules Polonetsky, you can watch the replay here. We discussed the strengths and weaknesses of the American Privacy Rights Act (APRA) and its likelihood of passing.
AI, Algorithms, and Awful Humans – Final Published Version
I am pleased to share the final published version of my short essay with Yuki Matsumi. It was written for a symposium in Fordham Law Review.
AI, Algorithms, and Awful Humans
92 Fordham L. Rev. 1923 (2024)
Mini Abstract:
This Essay critiques arguments that algorithmic decision-making is better than human decision-making. Two arguments are often advanced to justify the increasing use of algorithms in decisions. The “Awful Human Argument” asserts that human decision-making is often awful and that machines can decide better than humans. Another argument, the “Better Together Argument,” posits that machines can augment and improve human decision-making. We argue that such contentions are far too optimistic and fail to appreciate the shortcomings of machine decisions and the difficulties in combining human and machine decision-making. Automated decisions often rely too much on quantifiable data to the exclusion of qualitative data, resulting in a change to the nature of the decision itself. Whereas certain matters might be readily reducible to quantifiable data, such as the weather, human lives are far more complex. Human and machine decision-making often do not mix well. Humans often perform badly when reviewing algorithmic output.
Download the piece for free here:
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy and data security training.
NEWSLETTER: Subscribe to Professor Solove’s free newsletter
Prof. Solove’s Privacy Training: 150+ Courses
New Edition of PRIVACY LAW FUNDAMENTALS
HOT OFF THE PRESS! Privacy Law Fundamentals, Seventh Edition (2024). This is my short guide to privacy law with Professor Paul Schwartz (Berkeley Law).
Believe it or not, there have been some new developments in privacy law . . .
“This book is an indispensable guide for privacy and data protection practitioners, students, and scholars. You will find yourself consulting it regularly, as I do. It is a must for your bookshelf” – Danielle Citron, University of Virginia Law School
“Two giants of privacy scholarship succeed in distilling their legal expertise into an essential guide for a broad range of the legal community. Whether used to learn the basics or for quick reference, Privacy Law Fundamentals proves to be concise and authoritative.” – Jules Polonetsky, Future of Privacy Forum
If you’re interested in the digital edition, click here.
Catch Up with Me at the IAPP Global Privacy Summit
Are you headed to the IAPP Global Privacy Summit (April 3-4, 2024)?
If so, make sure to stop by and see me at my TeachPrivacy expo booth and say hello.
Webinar – The FTC, Privacy, and AI Blog
In case you missed my recent webinar with Maneesha Mithal, you can watch the replay here. We discussed recent FTC enforcement actions, algorithmic deletion, the FTC’s current rulemaking, enforcement of the health breach notification rule, the FTC’s role in regulating AI, and other issues.
The Failure of Data Security Law
Professor Woodrow Hartzog and I are posting The Failure of Data Security Law as a free download on SSRN. This is a chapter is from our book, BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT.
In this book chapter, we survey the law and policy of data security and analyze its strengths and weaknesses. Broadly speaking, there are three types of data security laws: (1) breach notification laws; (2) security safeguards laws that require substantive measures to protect security; and (3) private litigation under various causes of action. We argue that despite some small successes, the law is generally failing to combat the data security threats we face.
Breach notification laws merely require organizations to provide transparency about data breaches, but the laws don’t provide prevention or a cure. Security safeguards laws are often enforced too late, if at all. Enforcement authorities wait until a data breach occurs, but penalizing organizations after a breach increases the pain of a breach marginally, but not enough to be a game changer. Private litigation has increased the costs of data breaches but has accomplished little else. Courts have often struggled to understand the harm from data breaches, so data breach cases have frequently been dismissed.
Overall, we contend that data security law is too reactionary. The law fails to do enough to prevent data breaches, focuses too much on organizations that suffer data breaches and ignores other contributing actors, and doesn’t take sufficient steps to mitigate the harm from data breaches.
This chapter can stand alone, but of course, we encourage you to read our whole book, BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT.
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy and data security training.
NEWSLETTER: Subscribe to Professor Solove’s free newsletter
Prof. Solove’s Privacy Training: 150+ Courses
European Data Protection Supervisor Interview
In this video, the European Data Protection Supervisor (EDPS) interviewed me as part of its 20 Talks Series to celebrate its 20th anniversary. From the EDPS description of this talk: “20 Talks is a series of insightful discussions with experts and influential personalities across diverse domains, looking into the profound implications of privacy and data protection within their specific spheres. In this episode, our guest is Daniel J. Solove, Professor of Intellectual Property and Technology Law, George Washington University Law School and President & CEO of TeachPrivacy.”
You can also watch the video on the EDPS 20 Talks site.
Webinar – Trust: What CEOs and Boards Must Know About Privacy and AI Blog
In case you missed my recent webinar with Dominique Shelton-Leipzig (Mayer Brown), you can watch the replay here. We had a great discussion about why privacy is an issue that the C-Suite and Board must address. Dominique is the author of a new book on this topic, Trust.: Responsible AI, Innovation, Privacy and Data Leadership.
Cartoon: AI and the Trolley Problem
My new cartoon on how AI might solve the famous Trolley Problem in philosophy.
Cartoon: AI Bias
Here’s a new cartoon on AI bias and the magical thinking that AI is unbiased because technology is neutral. Bias comes from the data that algorithms use, so the bias often pollutes the output. I discuss the issue in some of my recent work, including:
- Artificial Intelligence and Privacy
- AI, Algorithms, and Awful Humans
- The Prediction Society: AI and the Problems of Forecasting the Future
There are many other terrific works that delve deeply into this issue. A few scholars whose works I have learned greatly from include Ifeoma Ajunwa, Jessica Eaglin, Sandra Mayson, Dan Burk, Safiya Noble, Solon Barocas, Andrew Selbst, Anupam Chander, Sonja Starr, Ngozi Okidegbe, Andrew Gunthrie Ferguson, Talia Gillis, Elizabeth Joh, Pauline Kim, Margot Kaminski, Kate Crawford, Aziz Huq, Oscar Gandy, and Mega Leta Jones. There are many others. So much excellent work is being written. I hope policymakers look at this scholarship because it is really good and also quite practical.