privacy law

Marshall Erwin, writing in Just Security this week, makes the case that technology should thwart government access to user data just as it has been facilitating government surveillance until Apple and Google decided to start encrypting user data when devices are locked. "The arguments made by critics of Apple and Google assert that these changes will result in damage to the public interest by protecting criminals and those who want to do us harm. More importantly, they suggest that warrant protections are necessary and sufficient to safeguard the public interest and to adjudicate the circumstances under which the government may access data," Erwin writes. He says it's wrong to suggest that only legal mechanisms, not technical mechanisms, should restrict government access to user data.

The federal government was before the U.S. Court of Appeals for the Second Circuit yesterday to defend the National Security Agency's collection of phone call metadata for millions of Americans in order to investigate foreign terrorism, the New York Law Journal's Mark Hamblett reports: [Assistant U.S. Attorney General Stuart] Delery said the case was governed by Smith v. Maryland, 442 U.S. 735 (1979), where the U.S. Supreme Court held that telephone users lack a Fourth Amendment privacy interest in the telephone numbers they dialed because they voluntarily give that information to their telephone company. [Alex] Abdo [of the American Civil Liberties Union] countered that the use of a pen register against a criminal suspect in the Smith case was a far cry from the mass accumulation of phone data on the chance it may be useful to derail a terror attack." U.S. District Judge William Pauley refused to grant an injunction against the surveillance, but two other district judges came to the opposite conclusion.

Privacy exceptions to the federal Freedom of Information Act have been invoked to reject records requests regarding Edward Snowden, Osama bin Laden and former House Majority Leader Tom DeLay, The Huffington Post's Matt Sledge reports: "Along with a 'deliberative process' exemption that allows an agency to withhold documents produced as part of a decision-making process, the government regularly cites privacy. The exemption often is used validly, to protect personnel or medical records. But other times, it papers over sensitive subjects the government would rather keep secret -- and not just Snowden."

As electronic health records reach a critical mass in the healthcare field, the litany of problems with them could be "hazardous to your mental health," the Pittsburgh Post-Gazette's Bill Toland reports. The symptoms of issues with electronc health records (EHRs) include "pharmacy errors, hard-to-find clinical alerts, 'farcical' training, and potentially life-threatening design flaws," Toland further reports. EHR critic Dean Kross, a cardiologist in private practice at the Allegheny Health Network, told Toland that EHR vendors have not been held accountable for the devices they are manufacturing.

The main safety issue with EHRs may be ensuring patient safety and privacy during their implementation. They are still thought to be a better practice than paper records. For example, faxes of patients are still commonly used in Canada, and an Alberta man reports that he has been receiving private health records on his office fax machine for the last six years, Canada's Global News reports. But EHRs are only as secure as technology can make them. Community Health Systems Inc., one of  the largest hospital groups in the United States, disclosed this week that Chinese hackers stole social security numbers and other personal data of 4.5 million patients, Reuters reports. The security breach did not include patient information.

The California Court of Appeal has ruled that a healthcare provider did not violate that state's medical confidentiality law when a laptop containing four million patients' medical records was stolen, The Recorder reports. Sutter Medical Foundation could have faced $4 billion in statutory damages. 

The court concluded there could not be liability without evidence that anyone actually looked at the records and the patients' confidentiality was breached, The Recorder also reports.

Politico reports that President Barack Obama plans to issue an executive order to develop privacy guidelines for commercial drones. The National Telecommunications and Information Administration would be put in charge of developing the guidelines.

The Federal Aviation Administration faces criticism for lagging in developing regulations about integrating commercial drones into U.S. airspace There is a September 2015 deadline for the FAA to issues rules on the operation of small commercial drones, Politico adds.

Shawn DuBravac, chief economist of the Consumer Electronics Association, posits in Techdirt that the U.S. Supreme Court's rulings that warrants are needed before police may search criminal suspects' cellphones has struck the first blow to protect digital privacy in the era of the Internet of Things, or physical objects being connected to the Internet like smart thermostats, coffee pots and refrigerators: the decision "comes at just the right time, because it's not just our phones that are getting smart. Soon, just about everything we touch will capture data about us. Our cars. Our watches. Our clothing. The fundamental privacies at stake in this ruling transcend far beyond phones. The Supreme Court needed to write its decision with the bigger picture in mind, and it did."

Navi Pillay, the United Nations' High Commissioner for Human Rights, argues in a draft report that digital privacy is a human right, the Washington Post reports. Wide-ranging surveillance by the National Security Agency and the United Kingdom's General Communications Headquarters undermine that right, Pillay argues. Pillay's draft report argues "'the best remedy of all is to establish strong legal protections to ensure that such violations do not happen in the first place,'" the Post concludes.

A new study shows that safety concerns with electronic health records persist after they are implemented--even though patient safety is part of the reason to go electronic with patient records, Politico reports. The study is based on 344 incidents with Veterans Administration electronic health records.

Two separate reports are showing the privacy issues raised by the growing use of drones.

The Hartford Courant's Kelly Glista reports about how a beachgoer called the police because a teenager was flying his drone at the public park. He wasn't breaking any laws, but the incident raised the question of what expectation of privacy people have in a public place: "The right to personal privacy is both profoundly valued and highly debated in the U.S., but the advancement of technology has blurred the line between what is public and what is private, from cellphone records to emails and information posted to social media. In Connecticut and around the country, drone technology is quickly becoming the next arena for that debate." Lawyers told the Courant that drone operators are like photographers: Photographing strangers in a public place is legal until the activity becomes harassing or a nuisance.

Matt Riedl, writing for the Wichita Eagle, out of Kansas, reports "interest in personal drones – which can cost as little as $1,000 to set up – has been rising exponentially. Consequently, local drone enthusiasts say the FAA is going to have to update its policies in the coming years to accommodate what they believe is a revolutionary and profitable technology." Lawyer Patrick Hughes told the Eagle that using a drone to do something you can normally do isn't going to change the law, but privacy issues could arise depending upon how drones are being used. The parameters for privacy and drone usage will likely develop out of FAA regulations or federal legislation, Hughes said.