305 Matching Annotations
  1. Aug 2022
    1. Marketing. For example, information about your device type and usage data may allow us to understand other products or services that may be of interest to you.

      All of the information above that has been consented to, can be used by NetGear to make money off consenting individuals and their families.

    2. USB device

      This gives Netgear permission to know what you plug into your computer, be it a FitBit, a printer, scanner, microphone, headphones, webcam — anything not attached to your computer.

    3. as well as and other software, mobile apps, and features.

      This could give Netgear the consent to watch every application you use, from The Sims to SETI to Photoshop to You Need A Budget.

    1. "It's difficult because we can't tell people exactly what's allowed and not allowed," said Chris Castelli, a manager for the Department of State Lands. "It's even tougher for law enforcement that gets called out to very heated disputes and doesn't have strict laws they can apply." 
  2. Jun 2022
    1. What information we collect about you Personal identification and communication information: your name, home address, phone number; email address; date of birth, gender, national insurance number and immigration status; Application-related information: resume/curriculum vitae (CV), cover letter, employment history, education history, qualifications and skills, reference contact information, position preferences, willingness to relocate, desired salary, interests and aspirations, and background screening information if relevant; and Sensitive information: for example, information about your health and disabilities where we need to make any reasonable adjustments.

      Information collected by Block, Inc.


      This conflicts with the effective date at the top of the document.

    1. You agree to defend, indemnify and hold harmless Motorsport.tv, its parent corporation, officers, directors, employees and agents, from and against any and all claims, damages, obligations, losses, liabilities, costs or debt, and expenses (including but not limited to attorney's fees) arising from: (i) your use of and access to the Motorsport.tv Platform; (ii) your violation of any term of these Terms of Service; (iii) your violation of any third party right, including without limitation any copyright, property, or privacy right; or (iv) any claim that one of your user submissions caused damage to a third party. This defense and indemnification obligation will survive these Terms of Service and your use of the Motorsport.tv Platform.

      If a user's behavior causes harm to another party, and that other party sues Motorsport.tv, the user will cover any losses incurred by Motorsport.tv as a result of the user's behavior.

    2. Nothing in this Agreement shall be deemed to confer any third-party rights or benefits.

      The agreement is only between the user and Motorsport.tv.

    3. Motorsport.tv may, in its sole discretion, modify or revise these Terms of Service at any time, and you agree to be bound by such modifications or revisions.

      Motorsport.tv may change the terms at any time.

  3. May 2022
    1. What is difference between mission and vision?The mission sets the direction for the company's goals and the vision should light a path for how the organization can get there. These statements establish part of the framework for expected behavior and give employees and volunteers a sense of cohesiveness.Jul 21, 2021
  4. Apr 2022
    1. ReconfigBehSci [@SciBeh]. (2021, December 6). I do not understand the continued narrative that makes it sound as if extant legal systems don’t already provide the framework for assessing whether rights are unduly infringed by vaxx passports and mandates. This is exactly what constitutions are for. [Tweet]. Twitter. https://twitter.com/SciBeh/status/1467818167766593538

  5. Mar 2022
    1. ReconfigBehSci on Twitter: ‘@STWorg @ProfColinDavis @rpancost @chrisdc77 @syrpis this is the most in depth treatment of the impact of equalities law on pandemic policy that I’ve been able to find- it would seem to underscore that there is a legal need for impact assessments that ask (some) of these questions https://t.co/auiApVC0TW’ / Twitter. (n.d.). Retrieved 22 March 2022, from https://twitter.com/SciBeh/status/1485927221449613314

    1. nonexclusive, nontransferable, limited license

      A license of this type means that the licensee, or the person that is granted a license to use the service, cannot limit whom the licensor (e.g., the service provider) allows to also use the service.

      Note: This is information is intended to be educational rather than informative. It is NOT intended to be, nor should it be treated as legal advice, and is not intended to provide any indication that an attorney-client relationship is being sought or being established. Before you do anything that could have an impact on your legal or equitable rights, you should always retain counsel in your jurisdiction, after carefully considering the merits and qualifications of that counsel.

  6. Feb 2022
    1. Le texte définit les conditions techniques et juridiques auxquelles les organismes du secteur public pourront consentir à la réutilisation de telles données protégées. Il reviendra, en effet, à ces organismes de déterminer les modalités du partage de ces données, qui se fera sous leur responsabilité et à titre non exclusif, grâce à des infrastructures dédiées, gérées et supervisées par eux. La protection des données, par leur anonymisation ou pseudonymisation par exemple, devra être garantie. Les États membres devront mettre en place un mécanisme de guichet unique pour les demandes d’accès à ce type de données et créer des structures chargées d’épauler les organismes du secteur public concernés.

      Les administration vont devoir avoir des cartographies claires des donnees. Des organismes vont emerger pour mettre en place ces systemes d'interoperabilite

  7. Dec 2021
    1. Catala, a programming language developed by Protzenko's graduate student Denis Merigoux, who is working at the National Institute for Research in Digital Science and Technology (INRIA) in Paris, France. It is not often lawyers and programmers find themselves working together, but Catala was designed to capture and execute legal algorithms and to be understood by lawyers and programmers alike in a language "that lets you follow the very specific legal train of thought," Protzenko says.

      A domain-specific language for encoding legal interpretations.

  8. Nov 2021
  9. Oct 2021
  10. Sep 2021
    1. Commenting on a recent case from the Washington State Court of Appeals, it says that the outcome “signals a strong return to the legal principle of caveat emptor – otherwise known as ‘buyer beware’.” This ruling is interpreted to mean that “the seller may now intentionally conceal a defect and lie about it, and as long as the buyer’s inspector has some indication of a potential problem and the buyer fails to investigate further, the seller will survive a lawsuit.”
  11. Jun 2021
    1. Están protegidos por la ley.

      La protección de los derechos fundamentales implica la existencia de mecanismos para su protección, los cuales se construyen a partir de normatividad desarrollada por cada Estado internamente. La legislación Colombiana en materia de Derechos Humanos y Derecho Internacional Humanitario reconoce entre estos mecanismos:

      1. La acción de tutela, 2. La acción de cumplimiento, 3. El Habeas Data, 4. El habeas Corpus, 5. Las accione de grupo, entre otras.


  12. Apr 2021
    1. As of Jan 1, 2021 many countries now require KS creators to show Shipping AND VAT/Fees/Taxes on Kickstarter Rewards - not just 1 price for "shipping". So we will do that in our Pledge Manager, after the campaign. Yea, we know...this sucks and is against everything Kickstarter used to be about (the world now views KS as a store, not as a creative platform sending rewards to backers for helping bring the vision to life)
  13. Mar 2021
  14. Jan 2021
    1. Slackmojis is made by some random dude in Brooklyn. He doesn't work for Slack, isn't paid by Slack, he just thinks Slack is pretty cool. Super Official Lawyer Talk: Slackmojis is not created by, affiliated with, or supported by Slack Technologies, Inc.
  15. Dec 2020
    1. The legal term amicus curiae is a Latin phrase that literally means “friend of the court.” The term is used to refer to a legal brief, called an amicus brief that may be filed with an appellate court, including a supreme court, by a party not involved with a current case, but in support of one side or another on the legal issue at hand.

      A friend of the court advising on some legal matter in support of one of the sides involved in the legal matter at hand thou not involved in the case.

  16. Oct 2020
  17. Sep 2020
  18. Aug 2020
    1. When a former psychiatric patient killed two people on the streets of Chapel Hill, North Carolina, and then sued the psychiatrist who had treated him for failing to prevent the murders, the mental health world dismissed the suit as frivolous. But when a jury agreed with the killer and awarded him $500,000 in damages, bewilderment was the order of the day (1). Can it be true, psychiatrists asked, that murder pays—as long as you can blame your psychiatrist for your deed?

      This is the case where it was initially ruled that the psychiatrist was the proximate cause for the patient, Williamson, to commit murder. Subsequent higher courts overturned this decision.

  19. Jul 2020
    1. Defamation law walks a fine line between the right to freedom of speech and the right of a person to avoid defamation. On one hand, a reasonable person should have free speech to talk about their experiences in a truthful manner without fear of a lawsuit if they say something mean, but true, about someone else. On the other hand, people have a right to not have false statements made that will damage their reputation.
    1. As mentioned earlier in these guidelines, it is very important that controllers assess the purposes forwhich data is actually processed and the lawful grounds on which it is based prior to collecting thedata. Often companies need personal data for several purposes, and the processing is based on morethan one lawful basis, e.g. customer data may be based on contract and consent. Hence, a withdrawalof consent does not mean a controller must erase data that are processed for a purpose that is basedon the performance of the contract with the data subject. Controllers should therefore be clear fromthe outset about which purpose applies to each element of data and which lawful basis is being reliedupon.
    2. In cases where the data subject withdraws his/her consent and the controller wishes to continue toprocess the personal data on another lawful basis, they cannot silently migrate from consent (which iswithdrawn) to this other lawful basis. Any change in the lawful basis for processing must be notified toa data subject in accordance with the information requirements in Articles 13 and 14 and under thegeneral principle of transparency.
    1. Some vendors may relay on legitimate interest instead of consent for the processing of personal data. The User Interface specifies if a specific vendor is relating on legitimate interest as legal basis, meaning that that vendor will process user’s data for the declared purposes without asking for their consent. The presence of vendors relying on legitimate interest is the reason why within the user interface, even if a user has switched on one specific purpose, not all vendors processing data for that purpose will be displayed as switched on. In fact, those vendors processing data for that specific purpose, relying only on legitimate interest will be displayed as switched off.
    2. Under GDPR there are six possible legal bases for the processing of personal data.
  20. Jun 2020
  21. May 2020
    1. Disclaimer: Termly LLC is not a lawyer or a law firm and does not engage in the practice of law or provide legal advice or legal representation. All information, software, services, and comments provided on the site are for informational and self-help purposes only and are not intended to be a substitute for professional legal advice.
    1. Though GDPR is primarily a legal challenge, a technological response was also necessary to meet the transparency and control requirements that arise as a result of GDPR implementation.
    1. Sure, anti-spam measures such as a CAPTCHA would certainly fall under "legitimate interests". But would targeting cookies? The gotcha with reCAPTCHA is that this legitimate-interest, quite-necessary-in-today's-world feature is inextricably bundled with unwanted and unrelated Google targeting (cookiepedia.co.uk/cookies/NID) cookies (_ga, _gid for v2; NID for v3).
    1. When evaluating whether or not a legal basis can apply, please be sure to go through them with your lawyer as determining the correct legal basis is very important and can be difficult.
    2. It’s worth saying though that while the law may give you up to 30 days to honor these requests, most subscribers won’t. It is therefore prudent to honor opt-out requests promptly or risk being marked as spam and compromising the total legitimacy of your associated address.
    1. as IT staff - who craft and maintain those screens - we lack concrete requirements as to what actually needs to be changed or added at our existing user "touch points" to achieve and demonstrate compliance.
    1. Where a processing activity is necessary for the performance of a contract.

      Would a terms of service agreement be considered a contract in this case? So can you just make your terms of service basically include consent or implied consent?

    2. “Is consent really the most appropriate legal basis for this processing activity?” It should be taken into account that consent may not be the best choice in the following situations:
    1. Though not always legally required, terms & conditions (also called ToS – terms of service, terms of use, or EULA – end user license agreement) are pragmatically required
    2. It’s useful to remember that under GDPR regulations consent is not the ONLY reason that an organization can process user data; it is only one of the “Lawful Bases”, therefore companies can apply other lawful (within the scope of GDPR) bases for data processing activity. However, there will always be data processing activities where consent is the only or best option.
    3. Under EU law (specifically the GDPR) you must keep and maintain “full and extensive” up-to-date records of your business processing activities, both internal and external, where the processing is carried out on personal data.
    4. However, even if your processing activities somehow fall outside of these situations, your information duties to users make it necessary for you to keep basic records relating to which data you collect, its purpose, all parties involved in its processing and the data retention period — this is mandatory for everyone.
    1. If you’re a controller based outside of the EU, you’re transferring personal data outside of the EU each time you collect data of users based within the EU. Please make sure you do so according to one of the legal bases for transfer.

      Here they equate collection of personal data with transfer of personal data. But this is not very intuitive: I usually think of collection of data and transfer of data as rather different activities. It would be if we collected the data on a server in EU and then transferred all that data (via some internal process) to a server in US.

      But I guess when you collect the data over the Internet from a user in a different country, the data is technically being transferred directly to your server in the US. But who is doing the transfer? I would argue that it is not me who is transferring it; it is the user who transmitted/sent the data to my app. I'm collecting it from them, but not transferring it. Collecting seems like more of a passive activity, while transfer seems like a more active activity (maybe not if it's all automated).

      So if these terms are equivalent, then they should replace all instances of "transfer" with "collect". That would make it much clearer and harder to mistakenly assume this doesn't apply to oneself. Or if there is a nuanced difference between the two activities, then the differences should be explained, such as examples of when collection may occur without transfer occurring.

    2. If you profile your users, you have to tell them. Therefore, you must pick the relevant clause from the privacy policy generator.
    3. In case you’re implementing any ADM process, you have to tell your users.
    1. Firstly, it’s critical to note that even where this exception to the consent requirement applies, you’ll still need to inform the user of your use of cookies via a cookie policy
    1. Is an Impressum legally required? The Impressum is legally required on all commercial websites published in German-speaking countries (Germany, Austria, and Switzerland), whether the website is published via a .de top-level domain or not. The point can be made that if you simply have a personal blog without ads and make no money from it, then the Impressum is not required.
  22. Apr 2020
    1. Legal Forms Library Virginia Legal Forms Welcome to the Virginia Legal Forms Library There are several ways to use this resource. Explore using the buttons below or search by Legal Form category or title in the search area above.
    1. U.K. Information Commissioner Elizabeth Denham clearly states that consent is not the "silver bullet" for GDPR compliance. In many instances, consent will not be the most appropriate ground — for example, when the processing is based on a legal obligation or when the organization has a legitimate interest in processing personal data.
    2. data processing limited to purposes deemed reasonable and appropriate such as commercial interests, individual interests or societal benefits with minimal privacy impact could be exempt from formal consent. The individual will always retain the right to object to the processing of any personal data at any time, subject to legal or contractual restrictions.
    3. organizations may require consent from individuals where the processing of personal data is likely to result in a risk or high risk to the rights and freedoms of individuals or in the case of automated individual decision-making and profiling. Formal consent could as well be justified where the processing requires sharing of personal data with third parties, international data transfers, or where the organization processes special categories of personal data or personal data from minors.
    4. First, organizations must identify the lawful basis for processing prior to the collection of personal data. Under the GDPR, consent is one basis for processing; there are other alternatives. They may be more appropriate options.
    1. The service offered by iubenda helps the User by providing tools that facilitate compliance with certain legal requirements. In particular, iubenda offers the User the possibility to autonomously create their own legal documents from the provided Templates.
    2. The activity carried out by iubenda does not constitute legal advice in any way and no attorney-client relationship shall be established.
    1. Any explanatory texts provided in correspondence of the available services by no means substitute a legal opinion nor replace the assistance or advice of a professional. Such texts are merely intended to facilitate use and understanding of the Service, and are not exhaustive nor may they fit any specific case.
    1. dentro de los sesenta (60) días hábiles siguientes a su publicación

      ¿Si son obras digitales pensadas para estar disponibles en un lugar fijo en un plazo menor de tiempo?

    2. Parágrafo 9

      Implica la responsabilidad por parte de la BNC de identificar dominios registrados en Colombia.

    3. Parágrafo 8.

      Esto implica una obligación desde la biblioteca por garantizar ambientes de reproducción, acceso, etc.

    4. establecido para tal fin, los metadatos requeridos para su preservación

      Mencionar el mecanismo y el estándar de metadatos requerido para la entrega a la BNC. Es recomendable ligar este parágrafo a una normalización para facilitar las labores de identificación, organización y preservación de las obras entregadas.

    5. ni metadatos de autor, datos de contacto

      Referirse a términos como "Metadatos descriptivos y de identificación" u otros que la BNC no esté en capacidad de rastrear, aún cuando la BNC requiera unos datos mínimos como el de autor, contacto y fecha.

    6. el editor o productor, según requerimiento, facilitará una copia digital íntegra y legible sin restricciones de acceso, suspenderá de manera temporal las medidas tecnológicas que impidan la reproducción de la obra según los fines anteriormente señalados, o, proporcionará su transferencia a través de redes de comunicación o en otro soporte, según sea el caso, a fin de que la biblioteca pueda cumplir con su obligación de salvaguardar el patrimonio bibliográfico y documental digital colombiano

      Desglosar con claridad los tipos de recursos o medios que tiene la BNC para acceder a una copia de preservación de los recursos. Es texto podría entenderse a que el editor está sujeto a esas posibilidades al tiempo, cuando puede que solo le aplique una de ellas.

    7. material complementario

      ¿Cómo se define materiales complementarios para obras que recurren a múltiples recursos, como los transmedia?

    8. soporte no tangible, se entregará un (1) ejemplar a la Biblioteca Nacional de Colombia según el protocolo definido para este trámite

      No es clara la intención de la entrega de un soporte físio por la creación de obras digitales que nacieron sin ese propósito. Si es un blog, como obra que circula en soportes no tangibles ¿se tendría que bajar a un soporte digital y entregar a la BNC?

    9. protocolo definidos por la Biblioteca Nacional de Colombia y/o las bibliotecas departamentales en el ámbito de sus competencias, para la conformación de colecciones patrimoniales

      Este aspecto, además de lo comentado antes, implica que existan expertos en áreas digitales en los distintos departamentos en donde operan estas bibliotecas o que se garantice que desde la BNC se pueda hacer una jornada que establezca estos parámetros, adecuados a los contextos de cada una de las bibliotecas.

    10. entregar

      El documento puede aclarar qué materiales debe recibir con certeza cada institución, teniendo en cuenta las cargas administratias y operativas para editores. Esto mejoraría, además, de liberar de ejemplares innecesarios o de poca relevancia para las demás entidades depositarias ¿cuánto le cuesta gestionar ejemplares que no utilizan?

      El procedimiento de entrega puede debatirse entre las partes involucradas, con el fin de evitar ambigüedades entre lo que obliga la ley y los asuntos que son potestad de cada entidad.

      También deben contemplarse los ejemplares para divulgar, en el caso de Bibliotecas Departamentales. Requerirían un ejemplar de divulgación y uno de preservación, si ese es el propósito de este artículo.

    11. aplica sólo para publicaciones cuya temática principal sea en el campo de las ciencias sociales

      Esta limitación temática a las ciencias sociales, deja por fuera literatura, historia, geografía o educación que son importantes para la Biblioteca del Congreso.

    12. seriadas (periódicos, anuarios, revistas, etc.)

      La reglamentación, para ser más concreto, puede incluir un glosario de términos que den más claridad sobre los aspectos relacionados con el depósito legal.

    13. Propuesta de reglamentación del Depósito legal en Colombia

      Propuesta de reglamentación del depósito legal digital

    14. obras nacidas digitales que circulen en internet u otras redes de comunicación, sin importar la localización del servidor o servidores a partir de los cuales se difunden, la Biblioteca Nacional de Colombia y las bibliotecas departamentales o la que haga sus veces

      Hacer explícito el cómo se hará y si existe algún tipo de excepción que cubra las acciones requeridas para estas capturas.

    15. protocolo definido por esta entidad

      Es recomendable publicar los protocolos establecidos acompañando la propuesta de reglamentación, de lo contrario se generaría vacío por una metarecomendación que no cubre la ley, ni el protocolo ni la Biblioteca Nacional de Colombia.

    16. Remisión de obras a la Biblioteca Nacional de Colombia y Remisión de listado de obras al Instituto Caro y Cuervo

      La identificación de obras y publicación del anuario garantizan el cumplimiento de los objetivos del Depósito Legal mencionados en el Artículo 14 de este documento.

    17. Artículo 1. Deróguense

      Para la labor bibliotecaria y los proyectos digitales es fundamental conocer y tener acceso a los datos sobre la producción bibliográfica nacional, recolectar, organizar y analizar estos datos disponibles para investigaciones, la toma de decisiones sobre adquisición de materiales u otros aspectos relacionados con las actividades en las distintas tipologías bibliotecarias.

      Consideramos que la legislación debe promover la circulación de estos contenidos por medio de las entidades que para ello estén dispuestas y no vemos beneficioso que ésta actividad recaiga en una única institución. Esto podría generar sobre cargas laborales y limitaciones en los cumplimientos del propósito de esta normativa.

    1. But recent events have made me question the prudence of releasing this information, even for research purposes. The arrest and aggressive prosecution of Barrett Brown had a marked chilling effect on both journalists and security researchers.
    2. At Brown’s sentencing, Judge Lindsay was quoted as saying “What took place is not going to chill any 1st Amendment expression by Journalists.” But he was so wrong. Brown’s arrest and prosecution had a substantial chilling effect on journalism. Some journalists have simply stopped reporting on hacks from fear of retribution and others who still do are forced to employ extraordinary measures to protect themselves from prosecution.
    3. Having said all that, I think this is completely absurd that I have to write an entire article justifying the release of this data out of fear of prosecution or legal harassment. I had wanted to write an article about the data itself but I will have to do that later because I had to write this lame thing trying to convince the FBI not to raid me.
    4. I could have released this data anonymously like everyone else does but why should I have to? I clearly have no criminal intent here. It is beyond all reason that any researcher, student, or journalist have to be afraid of law enforcement agencies that are supposed to be protecting us instead of trying to find ways to use the laws against us.
    1. The data is stored in log files to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f GDPR. Our legitimate interests lie in the above-mentioned purposes.
    2. The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this the IP address of the user must remain stored for the duration of the session.
    3. The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR. Our legitimate interests lie in the above-mentioned purposes.
    1. Ley 23 de 1982

      In 2018 the law 1915/2018 modifies this law. Adding a chanche to Legal Deposit law. The chances are now underway.

  23. Mar 2020
    1. Humans can no longer compete with AI in chess. They should not be without AI in litigation either.
    2. Just as chess players marshall their 16 chess pieces in a battle of wits, attorneys must select from millions of cases in order to present the best legal arguments.
    1. legitimate interest triggers when “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject
    2. of the six lawful, GDPR-compliant ways companies can get the green light to process individual personal data, consent is the “least preferable.” According to guidelines in Article 29 Working Party from the European Commission, "a controller must always take time to consider whether consent is the appropriate lawful ground for the envisaged processing or whether another ground should be chosen instead." 
    3. “It is unfortunate that a lot of companies are blindly asking for consent when they don’t need it because they have either historically obtained the consent to contact a user,” said digital policy consultant Kristina Podnar. “Or better yet, the company has a lawful basis for contact. Lawful basis is always preferable to consent, so I am uncertain why companies are blindly dismissing that path in favor of consent.”
    1. The Cookie Law does not require that records of consent be kept but instead indicates that you should be able to prove that consent occurred (even if that consent has been withdrawn). The simple way to do this would be to use a cookie management solution that employs a prior blocking mechanism as under such circumstances, cookie installing scripts will only be run after consent is attained. In this way, the very fact that scripts were run may be used as sufficient proof of consent.
    1. You are legally obliged to list all websites/companies belonging to one group.
    1. If a website/app collects personal data, the Data Owner must inform users of this fact by way of a privacy policy. All that is required to trigger this obligation is the presence of a simple contact form, Google Analytics, a cookie or even a social widget; if you’re processing any kind of personal data, you definitely need one.
    1. Legitimate interest. When there is a genuine reason for processing personal data without consent. Interpretations of this legal ground may vary, but a good example would be risk assessment or checking children’s age, such as in an online liquor store.
    1. The main forces that restricted public health police powers were: (1) the advent of civil rights jurisprudence; (2) the rise of patient autonomy and the rapid expansion of state personal health services expenditures; and (3) federal encroachment on state authority.
    2. Historically, the communitarian bases of the American legal system supported the subordination of individual rights when necessary for the preservation of common good. Quarantine measures were subjected to a deferential review supporting the states' right to substantially limit individual rights for the community's benefit.
    3. The treatment of quarantine reflects the latter. Courts and academics rarely expressed doubt about the validity of quarantine regulations, since the courts presumed that actions taken under the police power were constitutional.10,11 Challenges to the Fourteenth Amendment, usually successful when governmental intervention interfered with individual liberties, were not well received by the courts when communicable disease regulations, including quarantine, were involved.
    4. Fourteenth Amendment

      nor shall any State deprive any person of life, liberty, or property, without due process of law; nor deny to any person within its jurisdiction the equal protection of the laws.

    5. The legal principles employed to sustain state public health police power were sic utere tuo ut alterum non laedas (use that which is yours so as not to injure others) and salus publica suprema lex est (public well-being is the supreme law).12 The principle of sic utere describes the power of the state to prevent or prohibit “the use of private property or the commission of private acts in a manner harmful to others.”15 The principle of salus publica, on the other hand, recognizes police power as a means to “prevent or avoid public harm even if the action has not harmed others.
    6. Generally, the courts reviewed police power measures only when the degree of restriction of personal liberty was found to be unconscionable.
    7. communitarian philosophy underlying this approach was carried into later judicial holdings, further consolidating states' exercise of public health police power.


    8. quarantine was already a well established form of public health regulation, and was considered proper exercise of the police power of the states; the Supreme Court, in its affirmation of this power, noted that the state had the power to quarantine “to provide for the health of the citizens.”10,11 The uncontrollable nature of epidemic diseases moved the Supreme Court to uphold such extreme measures on the basis of the defense of the common good.8
    1. An example of reliance on legitimate interests includes a computer store, using only the contact information provided by a customer in the context of a sale, serving that customer with direct regular mail marketing of similar product offerings — accompanied by an easy-to-select choice of online opt-out.
    1. This is no different where legitimate interests applies – see the examples below from the DPN. It should also be made clear that individuals have the right to object to processing of personal data on these grounds.
    2. Individuals can object to data processing for legitimate interests (Article 21 of the GDPR) with the controller getting the opportunity to defend themselves, whereas where the controller uses consent, individuals have the right to withdraw that consent and the ‘right to erasure’. The DPN observes that this may be a factor in whether companies rely on legitimate interests.


    1. While we recognise that analytics can provide you with useful information, they are not part of the functionality that the user requests when they use your online service – for example, if you didn’t have analytics running, the user could still be able to access your service. This is why analytics cookies aren’t strictly necessary and so require consent.
    1. Ryan said he believes the GDPR has resulted in a “game of chicken” between the tech industry and regulators, where companies are trying to see what they can get away with and doing the bare minimum — without taking meaningful action or, often, actually complying with the law.
    1. In mid-2017, the EU’s antitrust watchdog hit Google with a $2.7 billion fine for unfairly favoring its own service over those of its rivals
    2. “It’s strange to say, ‘Yeah, we’re going to respect the privacy of Europeans more than all other human beings all over the world,’”