Information Law and Policy

Information Law & Policy (IT 801)

IT 801-INFORMATION LAW AND POLICY
FALL 2002
SYLLABUS

Leslie Ann Reis
(312) 987-1425
7reis@jmls.edu
Office Hours: Open Door Policy

Welcome to Information Law and Policy. This seminar meets on Thursday evenings from 6pm - 9pm for 10 weeks. We will explore this ever-changing area of law through discussions, hypotheticals, student presentations and perhaps a guest lecture or two. Your participation is essential.
To receive credit for this seminar, you will need to (1) prepare and deliver an in-class presentation, (2) complete a position paper of publishable quality, and (3) make a personal information inquiry.

COURSE DESCRIPTION
This seminar considers the historical foundation and current status of information law and policies. We will examine a variety of issues concerning informational privacy i.e., the gathering, use and protection of information about individuals and organizations held by third parties. Topics will include the right of access to information, the free flow and use of information, the creation and value of an individual's "digital persona", and the roles of government and the private sector in protecting informational privacy. Specific topics and materials may be adjusted according to current events and students' experience with and interests in informational privacy.

COURSE MATERIALS
There is no textbook for this class. Course materials will be distributed on CD and via email. Occasionally, on-line materials will be assigned.
Recommended texts:
Marc Rotenberg, The Privacy Law Sourcebook 2002: United States Law, International Law, and Recent Developments (Electronic Privacy Information Center, 2001). Available at the JMLS Bookstore.
How To Use The Federal FOI Act. Available at the JMLS Bookstore.
Simson Garfinkle, Database Nation: The Death of Privacy in the 21st Century (O'Reilly & Associates, Inc. 2000).

GRADES AND COURSE REQUIREMENTS
Grades will be based on class participation (20%), an in-class presentation (20%), a personal information inquiry (15%), and a final paper (45%).
IN-CLASS PRESENTATIONS -- Each student will be expected to make an in-class presentation (approximately 15 minutes in length) that explains, as simply as possible, the significance of a specific problem or issue. Creativity is greatly appreciated and handouts are strongly encouraged.
TOPICS FOR IN-CLASS PRESENTATIONS: A list of suggested topics will be distributed during the second class meeting. Please pick your top three choices for your in-class presentation and return the questionnaire at the beginning of the third class meeting. You may propose additional topics (subject to the instructor's approval).
PERSONAL INFORMATION INQUIRY -- Each student must make a personal record inquiry from either a government agency or a private sector entity (e.g., a credit bureau, a former employer, an educational institution, an Internet advertising agency, etc.), and submit a brief written report explaining the process and the general results of the inquiry, including a critique of the agency or company's disclosure practices. Specific details of the records obtained should not be submitted. Creativity is encouraged. We will discuss the processes used and progress made in obtaining this information throughout the semester. The reports are due on or before the last class session, so students should not wait until late in the semester to make the inquiry.
POSITION PAPERS -- Each student must complete an original, well-researched, position paper that expresses a novel idea or approach to some area of information law and policy. The ideal paper will clearly state a problem, offer a suggested solution and justify that solution citing applicable law, policies or theories. The paper must be submitted in publishable form--i.e., fully edited, with correct grammar and spelling, proper citations, and supporting materials (statutes, appendices, etc.) if appropriate. While there is no length requirement, most topics will likely require at least 10 to 15 pages to adequately address. Remember, quality is more important than quantity.
· Papers will be evaluated on the basis of clarity of analysis, persuasiveness of argument, depth of research, originality of thought, readability, and understanding of the course materials. Proper use of authority is required (footnotes are preferred to endnotes).
· Students may present projects of equivalent depth and magnitude in other formats with prior approval of the instructor.
· Students will submit a thesis statement on or before the fifth class meeting.
· The instructor is available to discuss questions regarding papers/projects.
· Position Papers are due on or before December 12, 2002.
SYLLABUS

Class #1 (September 5, 2002) -- INTRODUCTION

In this session, we will explore the various definitions and concepts of "information"--who needs it, who wants it, and who can protect it. We will discuss the history and development of information policy in the United States and examine the regulatory mechanisms, applicable statutes, and the right of access to information. We will begin an ongoing analysis of "informational privacy"--an individual's right to control his or her personal information held by others.

Class #2 (September 12, 2002) - ACCESS TO INFORMATION ABOUT THE GOVERNMENT

This session will focus on information about the government. Among the topics that will be addressed are public records and Federal and state Open Meetings Acts, Freedom of Information Acts and the federal Privacy Act.

Class #3 (September 26, 2002) - INFORMATION THE GOVERNMENT HAS ABOUT INDIVIDUALS/PUBLIC INFORMATION/PUBLIC RECORDS

Here, we will explore information about individuals that is collected, maintained and used by the government.

Class #4 (October 3, 2002) - INFORMATION THE PRIVATE SECTOR HAS ABOUT INDIVIDUALS

This class will focus on the impact of technology on information exchange, transactions and security. We will discuss methods of collecting information including voluntary disclosure, transactional trails, and physical trails. We will also delve into the balancing of interests: information as a commodity v. personal privacy. We will also look at the regulatory mechanisms (government and industry self-regulation) used to protect consumer's personal information.

Class #5 (October 10, 2002) - FINANCIAL INFORMATION

Here, we will look at permitted uses and disclosures of an individual's financial information. We will analyze the FCRA, GLB, and other regulations and public v. private sector access to an individual's financial information. We will also examine how post-911 regulations and policies affect the confidentiality of financial information.

Class #6 (October 24, 2002) - MEDICAL INFORMATION

This class will examine the collection, use and dissemination of an individual's health information, use of genetic information, biometric identification and physical profiling. We will also begin student presentations.
· Ahmadian - Health Information

Class #7 (October 31, 2002) - DATAMINING/TARGET MARKETING/USE AND ABUSE OF CUSTOMER LISTS

In this session, we will take a cost/benefit approach as we investigate the collection, manipulation and distribution (buying, selling and trading) of consumer information. Student presentations will continue.
· RH - Pending legislation post 9/11
· WM - FERPA
· JB - Universal E-mail

Class #8 (November 7, 2002) - PRIVACY POLICIES, CERTIFICATION SERVICES AND OTHER SELF-REGULATORY MECHANISMS

This class will explore some of the industry approaches to self-regulation. Student presentations will continue.
· DT - Private Surveillance
· MG - Public Surveillance

Class #9 (November 14, 2002) - IDENTITY THEFT AND OTHER SCAMS

Here, we will focus on the data subject's (victim's) rights and remedies when personal information is used without knowledge and/or consent. Student presentations will continue.
· YM - ID Theft
· JL - National ID's
· MR - PGP/ PKI

Class #10 (November 21, 2002) - SPECIAL PROBLEMS: CHILDRENS' PRIVACY, WORKPLACE PRIVACY AND WRAP UP

This final class will examine some of the issues that arise when dealing with information about children and parents. We will also explore some of the special problems that currently exist when collecting information from children. And, we will continue our discussion about informational privacy in the workplace.
· VP - Workplace Privacy
· DB - US v. Indonesia privacy policies and concepts