Friday, May 10, 2013
Sebastian Zimmeck, Columbia University Department of Computer Science, has published The Information Privacy Law of Web Applications and Cloud Computing in volume 2013 of the Santa Clara Computer and High Technology Law Journal. Here is the abstract.
This article surveys and evaluates the privacy law of web applications and cloud computing. Cloud services, and web applications in particular, are subject to many different privacy law requirements. While these requirements are often perceived as ill-fitting, they can be interpreted to provide a structurally sound and coherent privacy regime. The applicable body of law can be separated into two tiers: the primary privacy law and the secondary privacy law. The primary privacy law is created by the providers and users of cloud services through privacy contracts, especially, privacy policies. The secondary privacy law, contained, for example, in statutes and regulations, is for the most part only applicable where no valid privacy contracts exist. This supremacy of privacy contracts over statutory and other secondary privacy law enables individualized privacy protection levels and commercial use of privacy rights according to the contracting parties’ individual wishes.Download the article froM SSRN at the link.