About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

98 Notre Dame L. Rev. 975 (2022-2023)
The Limitations of Privacy Rights

handle is hein.journals/tndl98 and id is 1015 raw text is: ARTICLES THE LIMITATIONS OF PRIVACY RIGHTS DanielJ. Solove* Individual privacy rights are often at the heart of information privacy and data protection laws. The most comprehensive set of rights, from the European Union's General Data Protection Regulation (GDPR), includes the right to access, right to rec- tification (correction), right to erasure (deletion), right to restriction, right to data port- ability, right to object, and right to not be subject to automated decisions. Privacy laws around the world include many of these rights in various forms. In this Article, I contend that although rights are an important component of privacy regulation, rights are often asked to do far more work than they are capable of doing. Rights can only give individuals a small amount of power. Ultimately, rights are at most capable of being a supporting actor, a small component of a much larger architecture. I advance three reasons why rights can't serve as the bulwark of privacy protection. First, rights put too much onus on individuals when many privacy problems are systematic. Second, individuals lack the time and expertise to make difficult deci- sions about privacy, and rights can't practically be exercised at scale with the number of organizations than process people's data. Third, privacy can't be protected by focus- ing solely on the atomistic individual. The personal data of many people is interrelated, and people's decisions about their own data have implications for the privacy of other people. The main goal of providing privacy rights aims to provide individuals with con- trol over their personal data. However, effective privacy protection involves not just facilitating individual control, but also bringing the collection, processing, and trans- fer of personal data under control. Privacy rights are not designed to achieve the latter goal, and they fail at the former goal. After discussing these overarching reasons why rights are insufficient for the @ 2023 Daniel J. Solove. Individuals and nonprofit institutions may reproduce and distribute copies of this Article in any format at or below cost, for educational purposes, so long as each copy identifies the author, provides a citation to the Notre Dame Law Review, and includes this provision in the copyright notice. * John Marshall Harlan Research Professor of Law, George Washington University Law School. I would like to thank my research assistants Kimia Favagehi, Shushan Gabriel- yan, and Jean Hyun for excellent work. Thanks to Ryan Calo, Danielle Citron, Don Clarke, Woodrow Hartzog, Chris Hoofnagle, Paul Schwartz, and Ari Waldman for helpful feedback. I also thank the participants of the Privacy Law Scholars Conference 2022 for their thought- ful comments. 975

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most