Friday, October 16, 2015

Information Fiduciaries and the First Amendment


I've posted a draft of my latest article, Information Fiduciaries and the First Amendment, on SSRN. This essay is based on the Central Valley Foundation/James B. McClatchy Lecture that I gave at U.C. Davis Law School on March 12, 2015. It restates and develops the theory of information fiduciaries that I introduced last year in an essay on Information Fiduciaries in the Digital Age.

Here is the abstract:

This article introduces the concept of an information fiduciary to explain how to protect digital privacy and prevent overreaching by online enterprises consistent with the First Amendment.

An information fiduciary is someone who, because of their relationship with another, assumes special duties with respect to the information they obtain in the course of the relationship. Traditional information fiduciaries include professionals with special skills like doctors and lawyers. Clients cannot easily observe and monitor what professionals do and are dependent on professional expertise; moreover, professionals expect and encourage clients to have confidence in them. Lacking knowledge, skill, and the ability to monitor, clients must trust that these fiduciaries will not abuse their position and misuse the information they obtain from their clients.

For similar reasons, many online service providers and cloud companies should be considered as information fiduciaries with respect to their customers, clients, and end users. They keep their operations secret and they encourage end-users to trust them; moreover, end-users do not understand and cannot monitor how their information will be used in the future.

The duties of this new class of digital information fiduciaries may differ from and be more limited than those of traditional fiduciaries. Permissible regulations depend on the nature of their businesses and the kinds of trust and confidence they encourage from their end-users and clients. Governments may impose privacy regulations to enforce these fiduciary obligations without violating the First Amendment.

Similar reasoning explains how courts should modify the third-party doctrine in Fourth Amendment law. People should have a reasonable expectation that those who owe them fiduciary duties of trust and confidence will not betray them to third-parties, including the government. If new digital online service providers are information fiduciaries, end-users should have reasonable expectations of privacy in at least some of the information shared with them. Hence governments must show probable cause and/or obtain a warrant to access this information. The same reasons that governments may protect personal information under the First Amendment also provide justifications for a reasonable expectation of privacy under the Fourth Amendment.

Older Posts
Newer Posts