An Unprincipled Future? The Imminent Conflict between FIPPs and the Internet of Things

Contemporary consumer privacy law in the United States is largely based on the Fair Information Practice Principles (FIPPs) which have instituted the popular “notice and choice” model of Internet consumer privacy protection. But, besides the overwhelming evidence of the failure of the notice and choice model, the FIPPs are conceptually challenged by the Internet of Things. If consumer privacy law is to survive in the twenty-first century, either the conflict between FIPPs and the Internet of Things must be resolved or an entirely new approach to consumer privacy must be devised.

The ‘Nutrition Label Approach’ to Privacy Policies

If privacy policies are meant to secure informed consent from consumers before their personal data is collected, several studies have shown that they have failed. Consumers do not know what privacy policies are, often because they either do not read them or they cannot understand them. How should consumer privacy regulators address this failure? Drawing on lessons from current failures, some researchers are advocating a “nutrition label” approach to privacy policies.

Biometrics, Privacy, and Governance in India: the Unique Identity (‘Aadhaar’) Case

[Excerpt] Aadhaar’s vast database of biometric information is another pillar of India’s national security state. India is currently engaged in technological projects of astonishing dimensions, a colossally wide array of information collection, communications monitoring, and identity profiling. Biometrics have long been associated with biopower, a Foucauldian concept that is being frequently revisited as the world negotiates pervasive surveillance. The Aadhaar project is a new frontier in biopower: unparalleled in scale and unchecked by law, it is obliterating privacy.

The Battle for a Right to Privacy Has a Long Way to Go

[Excerpt] Because of its disjointed development, the constitutional basis of the right to privacy in India remains muddy. Indian courts have yet to craft a privacy rights jurisprudence that responds to surveillance, morals-based denials of personal choices, and forcible collections of bodily information. There are wide gaps in the right to privacy through which the collection of biometric information for the Aadhar project could easily slip through, perhaps even be made compulsory.