Document Type

Article

Publication Date

2024

Abstract

For the last ten years, American rhetoric and state lawmaking has attempted to provide consumers with greater and stickier property interest in their personal information. But the impracticalities of the sticky property model are becoming evident, and will be impossible to ignore as AI becomes more prevalent and useful. This Article critiques the property framework in privacy law, and explains how a risk-based approach can be modernized and implemented instead. An enduring system of privacy laws will manage risks rather than bestowing rights to control and delete information. To do this, data practices should be categorized into safe harbor practices (which can be done irrespective of consent), per se violations (which cannot be done even if the data subject has consented), and a middle ground where the data subject’s expectations and consent are appropriate, relevant, and practicable. This approach aligns better with American legal traditions, technological reality, and the First Amendment.

Share

COinS