Paul M. Schwartz

Paul M. Schwartz
Paul M. Schwartz
Born	1959 (age 64–65)
Education	Brown University (BA); Yale University (JD)
Occupation	Law professor
Title	Jefferson E. Peyser Professor of Law
Website	http://www.paulschwartz.net

Last updated June 20, 2024

Paul Schwartz (born 1959) is an American legal scholar who specializes in information privacy law. He is the Jefferson E. Peyser Professor at the UC Berkeley School of Law and a director of the Berkeley Center for Law and Technology.^[1] He was formerly the Anita and Stuart Subotnick Professor of Law at Brooklyn Law School from 1998 to 2004.

Research and teaching

Schwartz's research centres around the legal and policy implications of data mining,^[3] security breaches,^[4] and spyware.^[5] Together with Daniel J. Solove, Schwartz has re-introduced and systematized the concept of personally identifiable information in privacy law.^[6] A special focus of his work has been comparative law and differences in the privacy law of the European Union and the United States. He teaches information privacy, intellectual property, and tort law.

Academic career

Paul Schwartz graduated from Brown University and Yale Law School, where he served as a senior editor of the Yale Law Journal. He was the Anita and Stuart Subotnick Professor of Law at Brooklyn Law School from 1998 to 2004.^[7] He joined the Berkeley Law faculty in 2006. He is co-reporter of the American Law Institute’s Restatement of Privacy Law Principles. He is a member of the organizing committee of the Privacy and Security Forum^[8] and the Privacy Law Salon.^[9] He is co-reporter of the American Law Institute's Restatement of Information Privacy Principles.

Selected publications

Books

Paul M. Schwartz, & Daniel J. Solove, Privacy Law Fundamentals, IAPP, 2015
Paul M. Schwartz, & Daniel J. Solove, Information Privacy Law, Aspen Publishers, 5th ed. 2015
Paul M. Schwartz, & Daniel J. Solove, Privacy, Information, and Technology, Aspen Publishers, 3d ed. 2011
Paul M. Schwartz, & Daniel J. Solove, Privacy and the Media, Aspen Publishers, 2009
Joel R. Reidenberg, & Paul M. Schwartz, On-line Services and Data Protection and Privacy: Regulatory Responses, Brussels, 1998
Joel R. Reidenberg, & Paul M. Schwartz, Data Privacy Law, Michie Publishing, 1996

Articles

Paul M. Schwartz, & Daniel J. Solove, The PII Problem: Privacy and a New Concept of Personally Identifiable Information, 86 N.Y.U. Law Review 1814 (2011)
Karl-Nikolaus Peifer, & Paul M. Schwartz, Prosser’s Privacy and the German Right of Personality: Are Four Privacy Torts Better than One Unitary Concept?, 98 California Law Review 1925 (2010)
Paul M. Schwartz, Preemption and Privacy, 118 Yale Law Journal 902 (2009)
Paul M. Schwartz, Property, Privacy, and Personal Data, 117 Harvard Law Review 2055 (2004)
Paul M. Schwartz, Voting Technology and Democracy, 75 N.Y.U. Law Review 625 (2002)

Related Research Articles

Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Identity management (IdM), also known as identity and access management, is a framework of policies and technologies to ensure that the right users have the appropriate access to technology resources. IdM systems fall under the overarching umbrellas of IT security and data management. Identity and access management systems not only identify, authenticate, and control access for individuals who will be utilizing IT resources but also the hardware and applications employees need to access.

Privacy laws of the United States deal with several different legal concepts. One is the invasion of privacy, a tort based in common law allowing an aggrieved party to bring a lawsuit against an individual who unlawfully intrudes into their private affairs, discloses their private information, publicizes them in a false light, or appropriates their name for personal gain.

Personal data, also known as personal information or personally identifiable information (PII), is any information related to an identifiable person.

The tort of breach of confidence is, in United States law, a common-law tort that protects private information conveyed in confidence. A claim for breach of confidence typically requires the information to be of a confidential nature, which was communicated in confidence and was disclosed to the detriment of the claimant.

K. A. (Kim) Taipale is an American investor, legal scholar, and social theorist specializing in information, technology, and national security policy. He is a partner in Stilwell Holding, a private investment firm, and the former chairman of the executive committee of Kobra International Ltd. He is also the founder and executive director of the Stilwell Center for Advanced Studies in Science and Technology Policy, a private, nonpartisan research organization, and a director of the Stilwell Charitable Fund. He was previously an investment banker at Lazard Freres & Co. and a lawyer at Davis Polk & Wardwell.

Daniel J. Solove is the Eugene L. and Barbara A. Bernard Professor of Intellectual Property and Technology Law at the George Washington University Law School. He is well known for his academic work on privacy and for popular books on how privacy relates with information technology.

A data breach, also known as data leakage, is "the unauthorized exposure, disclosure, or loss of personal information".

A Personal Information Agent (PIA) is an individual, business, or organization who is expressly authorized by another identifiable individual in dealings with third persons, businesses or organizations concerning personally identifiable information (PII). PIA status allows access to information pertaining to an identifiable individual and the records and associated files of that identifiable individual. This normally includes, but is not limited to, financial files, correspondence, memorandum, machine-readable records and any other documentary material, regardless of physical form or characteristics. Access of these records extends to any copy of any of those things, pertaining to that identifiable individual and including the right to audit and monitor activities that involve the process for notification and reporting of unauthorized disclosure or PII breaches.

The California Online Privacy Protection Act of 2003 (CalOPPA), effective as of July 1, 2004 and amended in 2013, is the first state law in the United States requiring commercial websites on the World Wide Web and online services to include a privacy policy on their website. According to this California State Law, under the Business and Professions Code, Division 8 Special Business Regulations, Chapter 22 Internet Privacy Requirements, operators of commercial websites that collect Personally Identifiable Information (PII) from California's residents are required to conspicuously post and comply with a privacy policy that meets specific requirements. A website operator who fails to post their privacy policy within 30 days after being notified about noncompliance will be deemed in violation. PII includes information such as name, street address, email address, telephone number, date of birth, Social Security number, or other details about a person that could allow a consumer to be contacted physically or online.

Chris Jay Hoofnagle is an American professor at the University of California, Berkeley who teaches information privacy law, computer crime law, regulation of online privacy, internet law, and seminars on new technology. Hoofnagle has contributed to the privacy literature by writing privacy law legal reviews and conducting research on the privacy preferences of Americans. Notably, his research demonstrates that most Americans prefer not to be targeted online for advertising and despite claims to the contrary, young people care about privacy and take actions to protect it. Hoofnagle has written scholarly articles regarding identity theft, consumer privacy, U.S. and European privacy laws, and privacy policy suggestions.

The nothing to hide argument is a logical fallacy which states that individuals have no reason to fear or oppose surveillance programs unless they are afraid it will uncover their own illicit activities. An individual using this argument may claim that an average person should not worry about government surveillance, as they would have "nothing to hide".

Nothing to Hide: The False Tradeoff Between Privacy and Security is a book written by Daniel J. Solove regarding the nothing to hide argument regarding privacy. It was published by Yale University Press in 2011.

The following outline is provided as an overview of and topical guide to computer security:

Understanding Privacy is a 2008 book on privacy by Daniel J. Solove. The book gives a modern history of the concept of privacy particularly as it is discussed by philosophers and legal theorists. It provides a framework of many people's concept of privacy and the author's own theory of the outline of what privacy covers.

Danielle Keats Citron is a Jefferson Scholars Foundation Schenck Distinguished Professor in Law at the University of Virginia School of Law, where she teaches information privacy, free expression, and civil rights law. Citron is the author of "The Fight for Privacy: Protecting Dignity, Identity, and Love in the Digital Age" and "Hate Crimes in Cyberspace" (2014). She also serves as the Vice President of the Cyber Civil Rights Initiative, an organization which provides assistance and legislative support to victims of online abuse. Prior to joining UVA Law, Citron was an Austin B. Fletcher Distinguished Professor of Law at Boston University Law School, and was also the Morton & Sophia Macht Professor of Law at the University of Maryland School of Law.

Privacy engineering is an emerging field of engineering which aims to provide methodologies, tools, and techniques to ensure systems provide acceptable levels of privacy. Its focus lies in organizing and assessing methods to identify and tackle privacy concerns within the engineering of information systems.

The Investment Data Standards Organization (IDSO) is a U.S.-based organization that publishes Alternative Data standards. IDSO was established to support the growth of the Alternative Data industry through the creation, development, and maintenance of industry-wide standards and best practices. IDSO is a non-profit 501(c)(6) organization made up of companies in the Alternative Data industry such as data originators, intermediaries, and institutional investment funds.

The gathering of personally identifiable information (PII) is the practice of collecting public and private personal data that can be used to identify an individual for both legal and illegal applications. PII owners often view PII gathering as a threat and violation of their privacy. Meanwhile, entities such as information technology companies, governments, and organizations use PII for data analysis of consumer shopping behaviors, political preference, and personal interests.

ISO/IEC 27018 is a security standard part of the ISO/IEC 27000 family of standards. It was the first international standard about the privacy in cloud computing services which was promoted by the industry. It was created in 2014 as an addendum to ISO/IEC 27001, the first international code of practice for cloud privacy. It helps cloud service providers who process personally identifiable information (PII) to assess risk and implement controls for protecting PII. It was published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee, ISO/IEC JTC 1/SC 27.

References

↑ "Paul Schwartz". Berkeley Law.
↑ "Professor Paul Schwartz | International Expert in Privacy and Security Law". Paul Schwartz.
↑ Ira S. Rubinstein, Ronald D. Lee, & Paul M. Schwartz, Data Mining and Internet Profiling: Emerging Regulatory and Technological Approaches, 75 University of Chicago Law Review 261 (2008)
↑ Edward Janger, & Paul M. Schwartz Notification of Data Security Breaches, 105 Michigan Law Review 913 (2007)
↑ Paul M. Schwartz, Privacy Inalienability and the Regulation of Spyware, 20 Berkeley Technology Law Journal 1269 (2005)
↑ Paul M. Schwartz, & Daniel J. Solove, The PII Problem: Privacy and a New Concept of Personally Identifiable Information, 86 N.Y.U. Law Review 1814 (2011)
↑ "Archived copy". Archived from the original on 2015-10-09. Retrieved 2019-10-20.{{cite web}}: CS1 maint: archived copy as title (link)
↑ Privacy and Security Academy
↑ "THE PRIVACY LAW SALON". THE PRIVACY LAW SALON.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[UCBerkeley-1] "Paul Schwartz". Berkeley Law.

[schwartzWebsite-2] "Professor Paul Schwartz | International Expert in Privacy and Security Law". Paul Schwartz.

[dataMining-3] Ira S. Rubinstein, Ronald D. Lee, & Paul M. Schwartz, Data Mining and Internet Profiling: Emerging Regulatory and Technological Approaches, 75 University of Chicago Law Review 261 (2008)

[data-security-4] Edward Janger, & Paul M. Schwartz Notification of Data Security Breaches, 105 Michigan Law Review 913 (2007)

[spyware-5] Paul M. Schwartz, Privacy Inalienability and the Regulation of Spyware, 20 Berkeley Technology Law Journal 1269 (2005)

[PII-6] Paul M. Schwartz, & Daniel J. Solove, The PII Problem: Privacy and a New Concept of Personally Identifiable Information, 86 N.Y.U. Law Review 1814 (2011)

[7] "Archived copy". Archived from the original on 2015-10-09. Retrieved 2019-10-20.{{cite web}}: CS1 maint: archived copy as title (link)

[8] Privacy and Security Academy

[9] "THE PRIVACY LAW SALON". THE PRIVACY LAW SALON.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

Authority control databases
International	ISNI VIAF WorldCat
National	France BnF data Germany Israel United States Czech Republic Netherlands
Other	SNAC IdRef