With the advances in technology, much of the data resides in the cloud where jurisdiction and protection of privacy is murky and contentious. So a cloudy overcast in downtown Washington on Friday April 7, 2017 was perhaps by design – especially because the following that day was a perfect sunny spring weekend would follow – to address the developments and challenges in data privacy law.
Microsoft Corporation hosted an intellectually challenging as well as trailblazing symposium at its Innovation and Policy Center in the heart of Washington. The event was presented by the American University Law Review bringing together some of the sharpest legal minds and practitioners to discuss the legal nuances, intellectual and jurisdictional issues surrounding data privacy.
To whom does the data belong? Who can see it? Under which circumstances? And … by whose authority? These are some of the questions in lay persons’ terms. Both, the moderators and the panelists did their best to educate the legal students and the public interest professionals attending this important and timely exchange of ideas.
Debates and serious discussion on sensitive issues like privacy need the right setting. Too much generality can lead to misleading conclusions and focus on minutia can also lead to one missing the point. So in this perspective the collaborative effort of the Microsoft Corporation and the American University Law Review struck the right balance.
The conference venue itself provided an ideal setting. From the 11th floor, looking east one could clearly see the Capital and the broad avenues leading towards the legislative body that makes laws and sometimes is caught struggling doing so. But, immediately adjacent to the conference center is a historic house of worship. Then a street away is the historic Carnegie Library perhaps embodying the repository of shared knowledge. A bit to the left is Washington’s new Convention Center – where businesses meet and establish rules of behavior and best practices. Heading east are then different avenues and streets that provide direct and indirect path toward the legislative center of this vibrant and sometimes chaotic democracy.
Similar to the different avenues in Washington, the conference provided panel discussions covering different perspectives. For instance, after the opening remarks, the Professor Michael W. Carroll, Director, Program on Information Justice and Intellectual Property, American University, Washington College of Law, moderated a very lively panel discussion on “how far should the long arm of the law reach?” Referring to the Microsoft Ireland Case, this discussion cited the “Second Circuit has held that when a U.S. citizen commits a crime in the United States, a U.S. warrant supported by probable cause reaches stored communications, such as email, only if the data is physically stored in the United States.”
Many interesting quotes came out from this discussion. For instance, “let’s start with the facts; email account lives in the cloud; it’s in data center in certain countries; some of your Gmail might be in one country while other parts in other country.” And, “what does it mean to set up the cloud? There is no such thing as the cloud; it just sits on some other people’s computers.”
The second panel discussion moderated by Kirk Nahra, Partner and Chair, Privacy & Cybersecurity Practice, Wiley Rein – “An Ocean Apart: Can the Privacy Shield Bridge the Gap between the E.U. and the US Privacy Regimes” – sought to explain the “differences in the European and U.S. approaches to privacy and explore current issues surrounding the latest attempt to bridge the gap between the two.”
The third panel discussion moderated by Hillary Brill, Practitioner in Residence, Glushko-Samuelson Intellectual Property Clinic, American University Washington College of Law, focused on the latest privacy concerns of the Internet of Things (IoT). Panelists with real world experience and deep insights in to the privacy issues and examples explained that “IoT surrounds us, watches us, listens to us – we often do not even realize that it is here.” They were very effective in communicating and exploring the recent enforcements trends and the impact on traditional privacy framework’s ability to deal with novel IoT issues.
Looking into the future, the “Next Frontier” was moderated by Elizabeth Grossman, Director of Civic Project, Tech & Civic Engagement Group, Microsoft Corporation. This discussion dealt with rapid development of new technology with probing questions such as: “what is the next frontier for data privacy law, and are we ready for it?”
Photo credit: Ms. Desislava Kireva J.D. Candidate, AU School of Law