LEMON SQUEEZY
Keeping personal data secret, respecting individual boundaries, and controlling access to personal information describes this concept.
What is privacy?
Under the GDPR and many U.S. privacy laws, this fundamental right allows individuals to see what personal data a company holds about them.
What is the Right to Access?
Daniel Solove’s article refutes this common assertion by arguing that privacy is far more nuanced than mere secrecy.
What is “I’ve got nothing to hide”?
The IAPP explored whether FTC enforcement could effectively override or supersede state-level AI regulations, a legal concept known by this term.
What is preemption?
SCCs
What are Standard Contractual Clauses?
GDPR Article 13 requires organizations to provide this to data subjects at or before the time data are collected.
What is a privacy notice (or notice of data collection)?
Enshrined in GDPR Article 17 and reflected in state laws like the CCPA, it lets individuals request removal of their personal information from an organization’s databases.
What is the Right to Deletion (or “Right to Erasure”)?
The My Health My Data Act in Washington extends privacy protections to consumer health data that typically wouldn’t be covered by this well-known federal law.
What is HIPAA (Health Insurance Portability and Accountability Act)?
Winter quarter guest speaker Cobun Zweifel-Keegan works for this organization, the world's largest information privacy community, known by a four-letter acronym.
What is the IAPP (International Association of Privacy Professionals)?
NIST
What is the National Institute of Standards and Technology?
The concept that creators and deployers of AI should actively mitigate harm by embedding fairness, accountability, and transparency.
What is responsible AI?
Known as the “Right to Rectification” in the GDPR, it empowers individuals to address inaccuracies in their personal data.
What is the Right to Correction?
Under the GDPR, this type of entity determines purpose and means of processing personal data.
What is a controller?
Section 5 of the FTC Act prohibits these two broad categories of harmful business conduct — one targeting competitors, the other targeting consumers.
What are "unfair methods of competition" and "unfair or deceptive acts or practices"?
CCTV
What is closed-circuit television?
This section of the 1996 Communications Decency Act grants platforms immunity from liability for user-generated content.
What is Section 230?
This right, recognized under GDPR Article 18, lets individuals demand that an organization limit its use of their personal data in specific circumstances.
What is the Right to Restrict Processing?
The IAPP's 2024 overview report documented the rapidly growing number of states with comprehensive privacy laws, revealing what many in the field describe as a regulatory this — an inconsistent, overlapping collection of state-level rules.
What is a "patchwork"?
This smart TV manufacturer settled with the FTC after being caught collecting second-by-second viewing data from millions of consumers without adequate disclosure or consent.
What is Vizio?
ALPR
What is Automated License Plate Reader?
The current chair of the Federal Trade Commission.
Who is Andrew Ferguson?
The GDPR grants individuals the ability to receive their personal data in a structured, machine-readable format and move it to another provider.
What is the Right to Data Portability?
Orin Kerr's optional reading for the Surveillance & Privacy class asked whether installing one of these devices on a car constitutes a Fourth Amendment search — a question later resolved by the Supreme Court in United States v. Jones.
What is a GPS device?
Solove and Hartzog argue in their influential article that through decades of enforcement actions, the FTC has effectively created this — a body of privacy norms built case-by-case, similar to how judges develop law through court decisions.
What is "the new common law of privacy"?
FHIBE
What is Fair Human-Centric Image Benchmark?