Video available here.
Data privacy law fails to stop companies from engaging in self-serving, opportunistic behavior at the expense of those who trust them with their data. Academics and policymakers have recently proposed a possible solution: require those entrusted with peoples’ data and online experiences to be loyal to those who trust them. But critics and companies have concerns about a duty of loyalty. What, exactly, would such a duty of loyalty require? What are the goals and limits of such a duty? Should loyalty mean obedience or a pledge to make decisions in peoples’ best interests? What would the substance of the rules implementing the duty look like?
A duty of loyalty should be based upon the risks of digital opportunism in information relationships. Data collectors bound by this duty of loyalty would be obligated to act in the best interests of people exposing their data and online experiences, up to the extent of their exposure. They would be prohibited from designing digital tools and processing data in a way that conflicts with a trusting parties’ best interests. This duty could also be used to set rebuttable presumptions of disloyal activity and act as an interpretive guide for other duties. A duty of loyalty would be a revolution in data privacy law. That’s exactly what is needed to break the cycle of self-dealing ingrained into the current Internet.
Woodrow Hartzog is a professor of law and computer science at Northeastern University School of Law and the Khoury College of Computer Sciences. He is also a resident fellow at the Center for Law, Innovation and Creativity (CLIC) at Northeastern University, a faculty associate at the Berkman Klein Center for Internet & Society at Harvard University, a non-resident fellow at The Cordell Institute for Policy in Medicine & Law at Washington University, and an affiliate scholar at the Center for Internet and Society at Stanford Law School.
His research on privacy, media, and robotics has been published in scholarly publications such as the Yale Law Journal, Columbia Law Review, and California Law Review and popular publications such as The New York Times, The Washington Post, and The Guardian. He has testified multiple times before Congress and has been quoted or referenced by numerous media outlets, including NPR, BBC, and The Wall Street Journal. He is the author of Privacy’s Blueprint: The Battle to Control the Design of New Technologies, published in 2018 by Harvard University Press.