Periods for Profit and the Rise of Menstrual Surveillance

Menstruation is being monetized and surveilled, with the voluntary participation of millions of women. Thousands of downloadable apps promise to help women monitor their periods and manage their fertility. These apps are part of the broader, multi-billion dollar, Femtech industry, which sells technology to help women understand and improve their health. Femtech is marketed with the language of female autonomy and feminist empowerment. Despite this rhetoric, Femtech is part of a broader business strategy of data extraction, in which companies are extracting people’s personal data for profit, typically without their knowledge or meaningful consent. Femtech can oppress menstruators in several ways. Menstruators lose control over their personal data and how it is used. Some of these uses can potentially disadvantage women in the workplace, insurance markets, and credit scoring. In addition, these apps can force users into a gendered binary that does not always comport with their identity. Further, period trackers are sometimes inaccurate, leading to unwanted pregnancies. Additionally, the data is nearly impossible to erase, leading some women to be tracked relentlessly across the web with assumptions about their childbearing and fertility. Despite these harms, there are few legal restraints on menstrual surveillance. American data privacy law largely hinges on the concept of notice and consent, which puts the onus on people to protect their own privacy rather than placing responsibility on the entities that gather and use data. Yet notice and consent is a myth because consumers do not read, cannot comprehend, and have no opportunities to negotiate the terms of privacy policies. Notice and consent is an individualistic approach to data privacy that envisions an atomized person pursing their own self-interest in a competitive marketplace. Menstruators’ needs do not fit this model. Accordingly, this Essay seeks to reconceptualize Femtech within an expanded menstrual justice framework that recognizes the tenets of data feminism. In this vision, Femtech would be an empowering and accurate health tool rather than a data extraction device.

Download Full-text

It’s Time to Relax: The Critical Importance of Digital Mental Health Products in the Context of Surveillance Capitalism

Temes de Disseny ◽

10.46467/tdd37.2021.38-59 ◽

2021 ◽

pp. 38-59

Author(s):

Sena Partal ◽

Sasha Smirnova

Keyword(s):

Mental Health ◽

Data Privacy ◽

Data Extraction ◽

Personal Data ◽

Economic Recession ◽

Mental Wellbeing ◽

Health And Wellbeing ◽

Health Apps ◽

Health Products ◽

Extraction Processes

There has been a huge increase in the use of digital technology throughout healthcare in recent years, with everything from apps to wearable tech. The mental health and wellbeing sector has been no exception. There are a wide variety of digital mental health apps available directly from app stores, making therapeutic techniques accessible for every smartphone user. The COVID-19 pandemic and ensuing quarantines and lockdowns, followed by the current economic recession, have redefined the tech world's agenda. There has been an increased emphasis on mental wellbeing. Many of the well-known tech companies, whose core business is not even related to healthcare (such as Facebook, Telefonica, or Google) have invested in mental wellbeing, either through “moonshots” or by introducing new product segments. For their critics, this is a “do-good” gesture intended to detract attention from their data extraction processes. This leads us to question, what is it that these companies want to recommend to people through the use of mental wellbeing tech? What is the new set of values that they are promoting? In this article we critically analyse digital mental health products. We discuss how they might become a political tool, speculate on their side effects, and investigate outcomes of their increasing popularity. We want to move beyond the personal data privacy debate and tackle other potential issues – what does this data sharing mean in terms of a shift in collective psychology and ideologies? What is the potential for them to become political tools? Is this a step towards human and non-human convergence?

Download Full-text

Data privacy law in Singapore: the Personal Data Protection Act 2012

International Data Privacy Law ◽

10.1093/idpl/ipx016 ◽

2017 ◽

Vol 7 (4) ◽

pp. 287-302 ◽

Cited By ~ 3

Author(s):

Benjamin Wong YongQuan

Keyword(s):

Data Protection ◽

Data Privacy ◽

Personal Data ◽

Personal Data Protection ◽

Privacy Law

Download Full-text

When Data Protection by Design and Data Subject Rights Clash

10.31228/osf.io/r2xus ◽

2018 ◽

Cited By ~ 1

Author(s):

Michael Veale ◽

Reuben Binns ◽

Jef Ausloos

Keyword(s):

Data Protection ◽

Data Privacy ◽

Personal Data ◽

Large Data ◽

Holistic Approach ◽

Privacy By Design ◽

Privacy Law ◽

Ex Post ◽

Trade Offs ◽

Data Subject

Cite as: Michael Veale, Reuben Binns and Jef Ausloos (2018) When Data Protection by Design and Data Subject Rights Clash. International Data Privacy Law (2018) doi:10.1093/idpl/ipy002. [Note: An earlier draft was entitled "We Can't Find Your Data, But A Hacker Could: How 'Privacy by Design' Trades-Off Data Protection Rights"]Abstract➔Data Protection by Design (DPbD), a holistic approach to embedding principles in technical and organisational measures undertaken by data controllers, building on the notion of Privacy by Design, is now a qualified duty in the GDPR.➔Practitioners have seen DPbD less holistically, instead framing it through the confidentiality-focussed lens of Privacy Enhancing Technologies (PETs).➔While focussing primarily on confidentiality risk, we show that some DPbD strategies deployed by large data controllers result in personal data which, despite remaining clearly reidentifiable by a capable adversary, make it difficult for the controller to grant data subjects rights (eg access, erasure, objection) over for the purposes of managing this risk.➔Informed by case studies of Apple's Siri voice assistant and Transport for London's Wi-Fi analytics, we suggest three main ways to make deployed DPbD more accountable and data subject-centric: building parallel systems to fulfil rights, including dealing with volunteered data; making inevitable trade-offs more explicit and transparent through Data Protection Impact Assessments; and through ex ante and ex post information rights (arts 13-15), which we argue may require the provision of information concerning DPbD trade-offs.➔Despite steep technical hurdles, we call both for researchers in PETs to develop rigorous techniques to balance privacy-as-control with privacy-as-confidentiality, and for DPAs to consider tailoring guidance and future frameworks to better oversee the trade-offs being made by primarily well-intentioned data controllers employing DPbD.

Download Full-text

Biometric Monitoring Devices: Modern Solutions to Protecting Athletes’ Data Privacy

Pittsburgh Journal of Technology Law and Policy ◽

10.5195/tlp.2021.245 ◽

2021 ◽

Vol 21 (1) ◽

Author(s):

Tristan A. Dietrick

Keyword(s):

Data Privacy ◽

Personal Data ◽

Collegiate Athletes ◽

Health Data ◽

Easy Access ◽

Biometric Data ◽

Sports Industry ◽

Privacy Law ◽

Increased Risk ◽

Biometric Information

Smartwatches like Fitbits provide users with easy access to quantifiable health data. In the sports industry, tracking this biometric information may be particularly beneficial to athletes, whose livelihoods revolve around their health and fitness. Nonetheless, under the current regime, professional and collegiate athletes’ biometric health data are inadequately protected. Data privacy law is still in its infancy, but in the meantime, athletes must consider that motivations to sell or misuse players’ biometric information may outpace legal developments. This Paper will analyze the promise and risk of collecting professional and collegiate athletes’ health and biometric data, particularly through fitness wearables. It will provide a closer look at wearables in professional sports and consider the increased risk posed to college athletes. Finally, this Paper will consider possible solutions to maximize the benefits of newfound technology while simultaneously minimizing risks to players’ health information, privacy, and personal data ownership.

Download Full-text

Data Privacy Law and Practice in Ethiopia

SSRN Electronic Journal ◽

10.2139/ssrn.2634453 ◽

2015 ◽

Author(s):

Kinfe Yilma

Keyword(s):

Data Privacy ◽

Privacy Law

Download Full-text

Jamaica Adopts a Post-GDPR Data Privacy Law

SSRN Electronic Journal ◽

10.2139/ssrn.3712745 ◽

2020 ◽

Author(s):

Graham Greenleaf

Keyword(s):

Data Privacy ◽

Privacy Law

Download Full-text

Solving the Internet Jurisdiction Puzzle

10.1093/oso/9780198795674.001.0001 ◽

2017 ◽

Cited By ~ 5

Author(s):

Dan Jerker B. Svantesson

Keyword(s):

International Law ◽

Cyber Security ◽

Data Privacy ◽

Modern World ◽

The Internet ◽

Private International Law ◽

Reform Initiatives ◽

Legal Principles ◽

Privacy Law ◽

History Of

Internet jurisdiction has emerged as one of the greatest and most urgent challenges online, severely affecting areas as diverse as e-commerce, data privacy, law enforcement, content take-downs, cloud computing, e-health, Cyber security, intellectual property, freedom of speech, and Cyberwar. In this innovative book, Professor Svantesson presents a vision for a new approach to Internet jurisdiction––for both private international law and public international law––based on sixteen years of research dedicated specifically to the topic. The book demonstrates that our current paradigm remains attached to a territorial thinking that is out of sync with our modern world, especially, but not only, online. Having made the claim that our adherence to the territoriality principle is based more on habit than on any clear and universally accepted legal principles, Professor Svantesson advances a new jurisprudential framework for how we approach jurisdiction. He also proposes several other reform initiatives such as the concept of ‘investigative jurisdiction’ and an approach to geo-blocking, aimed at equipping us to solve the Internet jurisdiction puzzle. In addition, the book provides a history of Internet jurisdiction, and challenges our traditional categorisation of different types of jurisdiction. It places Internet jurisdiction in a broader context and outlines methods for how properly to understand and work with rules of Internet jurisdiction. While Solving the Internet Puzzle paints a clear picture of the concerns involved and the problems that needs to be overcome, this book is distinctly aimed at finding practical solutions anchored in a solid theoretical framework.

Download Full-text

Student Privacy and the Law in the Internet Age

The Oxford Handbook of U.S. Education Law ◽

10.1093/oxfordhb/9780190697402.013.30 ◽

2019 ◽

Author(s):

Leah Plunkett ◽

Urs Gasser ◽

Sandra Cortesi

Keyword(s):

Learning Environments ◽

School Environment ◽

Privacy Protection ◽

Data Privacy ◽

Digital Technologies ◽

The United States ◽

Legal Framework ◽

Privacy Law ◽

Student Privacy ◽

High Level

New types of digital technologies and new ways of using them are heavily impacting young people’s learning environments and creating intense pressure points on the “pre-digital” framework of student privacy. This chapter offers a high-level mapping of the federal legal landscape in the United States created by the “big three” federal privacy statutes—the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and the Protection of Pupil Rights Amendment (PPRA)—in the context of student privacy and the ongoing digital transformation of formal learning environments (“schools”). Fissures are emerging around key student privacy issues such as: what are the key data privacy risk factors as digital technologies are adopted in learning environments; which decision makers are best positioned to determine whether, when, why, and with whom students’ data should be shared outside the school environment; what types of data may be unregulated by privacy law and what additional safeguards might be required; and what role privacy law and ethics serve as we seek to bolster related values, such as equity, agency, and autonomy, to support youth and their pathways. These and similar intersections at which the current federal legal framework is ambiguous or inadequate pose challenges for key stakeholders. This chapter proposes that a “blended” governance approach, which draws from technology-based, market-based, and human-centered privacy protection and empowerment mechanisms and seeks to bolster legal safeguards that need to be strengthen in parallel, offers an essential toolkit to find creative, nimble, and effective multistakeholder solutions.

Download Full-text

A Narrative Approach to Corporate Relations: The Historical Background on Telenor’s Success

Enterprise & Society ◽

10.1017/eso.2020.66 ◽

2021 ◽

pp. 1-36

Author(s):

SVERRE A. CHRISTENSEN

Keyword(s):

Business Strategy ◽

Historical Background ◽

Narrative Approach ◽

Societal Values ◽

Self Interest ◽

Equipment Supplier ◽

Supplier Relations ◽

Telecom Sector ◽

Public Telephone

This article examines the development of buyer-supplier relations in the telecom sector. The literature on telecoms in Scandinavia has been dominated by the narrative praising the trusting and collaborative relations between Telia, the Swedish public telephone operator (PTO), and Ericsson, the equipment supplier. The Norwegian PTO, Telenor, diverted from this path and was a pioneer in preferring competitive tenders and arm’s length relations with its suppliers starting in the 1970s. The article argues that Telenor’s history and nationality had a significant impact on its business strategy. In addition, the article examines why some business narratives persist while others remain unknown. One finding is that shareholder-friendly narratives have a handicap because they focus on self-interest and money, and not societal values.

Download Full-text

A federated interpretable scorecard and its application in credit scoring

International Journal of Financial Engineering ◽

10.1142/s2424786321420093 ◽

2021 ◽

pp. 2142009

Author(s):

Fanglan Zheng ◽

Erihe ◽

Kun Li ◽

Jiang Tian ◽

Xiaojia Xiang

Keyword(s):

Privacy Protection ◽

Data Privacy ◽

Credit Scoring ◽

Training Session ◽

Model Performance ◽

Parameter Tuning ◽

Kolmogorov Smirnov ◽

Data Privacy Protection ◽

Tuning Process ◽

Positive Coefficients

In this paper, we propose a vertical federated learning (VFL) structure for logistic regression with bounded constraint for the traditional scorecard, namely FL-LRBC. Under the premise of data privacy protection, FL-LRBC enables multiple agencies to jointly obtain an optimized scorecard model in a single training session. It leads to the formation of scorecard model with positive coefficients to guarantee its desirable characteristics (e.g., interpretability and robustness), while the time-consuming parameter-tuning process can be avoided. Moreover, model performance in terms of both AUC and the Kolmogorov–Smirnov (KS) statistics is significantly improved by FL-LRBC, due to the feature enrichment in our algorithm architecture. Currently, FL-LRBC has already been applied to credit business in a China nation-wide financial holdings group.

Download Full-text