GROUP TWO

From Identifying Difficult Problems in Cyberlaw
Revision as of 00:51, 22 November 2010 by Annasu (talk | contribs)
Jump to navigation Jump to search

Reputation Bankruptcy

Motivation To Discuss Reputation Bankruptcy

  • "75% of US recruiters and human-resource professionals report that their companies require them to do online research about candidates, and many use a range of sites when scrutinizing applicants", recent Microsoft study (via [1])
  • With quickly improving facial-recognition technology, there will be a stark challenge to "our expectation of anonymity in public" (via [2])
  • Viral dynamics of the internet may amplify reputation damage (e.g. search engine rankings)
  • COPPA protection ends at age 13 and has proven ineffective:
  • 37% of children aged 10-12 have Facebook accounts and 4.4 million Facebook users under age 13 in the US despite Facebook policy in compliance with COPPA (see video [3])

Scope

  • Identity-related content: Pictures, Videos, text
  • All pieces of content that depict or identify minors [i.e. we believe a general discussion of Star Wars Kid [4] is not necessarily bad; however pieces of content linking Star Wars Kid's real name to the footage are potentially harmful for the person and moreover add very little value]
  • Reference point: provision to wipe juvenile criminal record (e.g. expungement) [5]
  • Question: What about the following scenario: 25 year-old uploads pictures of when 16 (exception for content of you as a minor poster by another)
  • Question: What about minors who are of "legitimate public interest" i.e. celebrities, performers/actors, (what about: children of famous public figures)

Involved Parties

  • Individual Identified or Depicted
  • Content Creator (Person who creates content i.e. takes a picture)
  • Content Sharer (Person who uploads content to Content Storage/Distribution Platform)
  • Content Intermediaries (Personal Blog vs Facebook)
  • Search Engines
  • Note: some of these parties could be the same person in a given scenario

The Recent Scholarship and Proposed Solutions

  • Law-Based:
  • Extending Public Disclosure of Private Fact Tort
    • "Disclosure" tort - bars dissemination of "nonnewsworthy" personal information that most people would find highly private (some state laws more specific, e.g. "criminal laws forbidding the publication of the names of rape victims" [6]
    • Strengthened tort for public disclosure of private fact (Anupam Chander)(forthcoming in "The Offensive Internet" 2011 [7])
  • Law Restricting Employers
    • Law barring employers from firing or hiring based on legal off-duty conduct found in social networking profiles(Paul Ohm)[8]
    • Germany considers law to ban employers from mining information on job candidates from social networking sites such as Facebook to protect people's privacy. [9]
  • Existing Children Online Protection Laws
    • Children's Online Privacy Protection Act COPPA [10]:
      • Scope: "If you operate a commercial Web site or an online service directed to children under 13 that collects personal information from children or if you operate a general audience Web site and have actual knowledge that you are collecting personal information from children, you must comply with the Children's Online Privacy Protection Act." -- too narrow?!
    • Cf. Children's Online Protection Act (COPA) [11]
      • Restricting minor's access to potentially harmful material on the internet
  • Dan Solove: Give legal right to sue Facebook friends where confidence has been breached
  • Peter Taylor: Constitutional right to privacy/“oblivion” allowing more anonymity online
  • Cass Sunstein: DMCA Notice-and-Takedown Model
  • Code-Based:
  • Jonathan Zittrain: Rating systems that allow you to declare reputation bankruptcy in certain area
  • Victor Mayer-Schonberger: Digital Forgetting/Expiration dates (in “Delete” [12]); "Vanish" [13] - new technology developed by researchers at University of Washington, for electronic messages to "self-destruct" after certain period
  • Market- and Norm- Based:
  • Private companies to defend reputation, e.g. Reputation Defender
  • Educate the public, especially young people
  • Society norms to adapt to new media: "Please don't tweet this" (via [14])
  • Tim Berners-Lee: establish market norm of employers barred from accessing Facebook data of prospective employees

Concerns

  • Entanglement: who "owns" what information about a person and thus what can be managed / deleted, i.e. reposts of images, comments, wall posts
  • How far to go on the identity "continuum“
  • Authentication > pseudonymity > anonymity (Ardia)
  • Total deletion or selective management?
  • Reputations would be meaningless if they could be subject to a legal right to manipulate (Chander)
  • Distribution of liability: who is responsible for what? Does an intermediary like Facebook have the same degree of liability as its third-party partners who create apps and make use of Facebook data?

OUR SOLUTION

  • Creation of a personal legal right to control content depicting or identifying oneself as a minor, supported by norms and code
  • Minor's Online Identity Protection Act (MOIPA) (to be proposed by our team!)
    • Scope: all content depicting and identifying minors (under the age of 18)
    • Notice and take-down system (Proof of Scope - Watermark, Other ID/Notary)
  • Best-practices norm/code for Content Intermediaries to watermark content depicting minors:
    • Photos/Videos: meta data (Compare: [15])
    • Text: RDFa tags for identity information (See: [16])

""IMPLICATIONS / DISCUSSION""

  • Technical limitations
  • Easy to remove metadata?
  • International standards?
  • Notice and take-down system: how would this work? how to scale?
Both code-based solutions are solutions ex post. How about preventing or making it more difficult to happen in the first place? Perhaps we could require settings to be invisible-by-default for minor users?
  • Advantage for Content Intermediaries:
  • Public goodwill (parents might feel more comfortable with children using the site)
  • Gain additional insights from enhanced user/content meta data
  • Potential new market for content management systems: i.e. search, track, and delete material across the Internet
  • Disadvantage for Content Intermediaries:
  • Penalties for violating MOIPA?
  • Could databases and archives include references to deleted data? i.e. write "removed"?
  • What if aggregators include copies of photos that lack metadata?
  • Differentiate liability of main intermediaries and third-party app makers?
  • What about content posted by adults from when the adult was a minor?
  • How might this change behavior of minors?
  • New market for material about minors?
  • How might this segregate the Net between minors and adults?

Sources

  • “The End of Forgetting” NY Times 7/25/10, Jeffrey Rosen (law professor at George Washington University) [17]
  • Web takes away "second chances": "the worst thing you've done is often the first thing everyone knows about you"
  • ReputationDefender a "promising short-term solution", but not enough given fast advances of "facial-recognition technology"
  • "Freedom of Speech and Information Privacy: The Troubling Implications of a Right to Stop People From Speaking About You", Eugene Volokh [18]
  • Scope: restrictions on communication
  • "recognition of one free speech exception certainly does not mean the end of free speech generally"
  • "possible unintended consequences of various justifications for information privacy speech restrictions [...] sufficiently troubling"
  • "disclosure" tort - bars dissemination of "nonnewsworthy" personal information that most people would find highly private (some state laws more specific, e.g. "criminal laws forbidding the publication of the names of rape victims"
  • (II)D. Contracts with Children: the "discussion of contracts presupposes that both parties are legally capable of entering into the contract and of accepting a disclaimer of any implied warranty of confidentiality. If a cyber-consumer is a child, then such an acceptance might not be valid" (Source: Children's Online Privacy Protection Act of 1998 [19], 15 U.S.C. §§ 6501 et seq.; Matlick, note 245 infra; Singleton, infra note 251, text accompanying nn.76-79.)