About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

114 Colum. L. Rev. 583 (2014)
The FTC and the New Common Law of Privacy

handle is hein.journals/clr114 and id is 617 raw text is: THE FTC AND THE NEW COMMON LAW OF PRIVACY Daniel j. Solove* & Woodrow Hartzog** One of the great ironies about information privacy law is that the primary regulation of privacy in the United States has barely been stud- ied in a scholarly way. Since the late 1990s, the Federal Trade Commission (FTC) has been enforcing companies' privacy policies through its authority to police unfair and deceptive trade practices. Despite over fifteen years of FTC enforcement, there is no meaningful body of judicial decisions to show for it. The cases have nearly all resulted in settlement agreements. Nevertheless, companies look to these agreements to guide their privacy practices. Thus, in practice, FTC privacy jurisprudence has become the broadest and most influential regulating force on information privacy in the United States-more so than nearly any privacy statute or any common law tort. In this Article, we contend that the ETC's privacy jurisprudence is functionally equivalent to a body of common law, and we examine it as such. We explore how and why the FTC, and not contract law, came to dominate the enforcement of privacy policies. A common view of the FTC's privacy jurisprudence is that it is thin, merely focusing on enforc- ing privacy promises. In contrast, a deeper look at the principles that emerge from FTC privacy common law demonstrates that the FTC's privacy jurisprudence is quite thick. The ETC has codified certain norms and best practices and has developed some baseline privacy protections. Standards have become so specific they resemble rules. We contend that the foundations exist to develop this common law into a robust privacy regulatory regime, one that focuses on consumer expectations of privacy, extends far beyond privacy policies, and involves a full suite of substan- tive rules that exist independently from a company's privacy representations. * John Marshall Harlan Research Professor of Law, George Washington University Law School. ** Assistant Professor, Samford University's Cumberland School of Law. The authors would like to thank Derek Bambauer, Julie Brill, Danielle Citron, Brannon Denning, Bob Gellman, Chris Hoofnagle, Toby Levin, Paul Ohm, Gerry Stegmaier, David Vladeck, Joel Winston, Chris Wolf, the participants of the Fifth Annual Privacy Law Scholars Conference and the International Association of Privacy Professionals Privacy Academy, the members of the Federal Trade Commission, and the faculty at the Michigan State University College of Law and the Notre Dame Law School. The authors would also like to thank Andrew Hasty, Dennis Holmes, and Blake Hungerford for their excellent research assistance and the George Washington University Law School Scholarship Grant Program and Samford University's Cumberland School of Law for their financial support. 583

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most