New Year, Same Great PLA

Hi Folk,

To most of you, welcome back–and, to our 1Ls, welcome onboard! This looks to be a banner year for the Privacy Law Association, and we couldn’t do it without all of you. Many thanks to those of you who joined us at the Student Organization Fair earlier this afternoon. For those of you who missed us, we’ll be back from 5:00pm to 6:00pm in the 2nd Floor Events Center 🙂

Resource: PLA Membership!

This year, the Privacy Law Association will be assessing membership dues of $10. This fee covers membership for the entire year, and it helps us host events and run the organization. For those of you who are light on change–and let’s face it: we’re students, after all–fear not. This newsletter will continue to be free to all, as will our speaker events. Members, however, will also gain access to an outline bank for NYLS classes, our mentor-mentee program, and potentially more as the PLA continues to grow. Payment can be made to our Treasurer, Cindy Park, by Venmo or cash. (Label the payment “[First Name] [Last Name] PRIVACY DUES.”)

Once you’ve paid dues, keep an eye out for an email from us inviting you to your new account. If it’s been a couple weeks and you haven’t heard anything, reach out, and we’ll make sure you’re in the system. Also feel free to get in touch with any questions or concerns 🙂

Resource: L.A.W. Textbook Bank

If you’re still looking for textbooks–or if you have some textbooks you’d like to offload–the Legal Association for Women has you covered. They’ve created a spreadsheet where students can post textbooks they no longer need. Students can also buy textbooks they need for upcoming classes. Even better, L.A.W. has kept privacy in mind, and has limited visibility of the sheet to the New York Law School community, to avoid personal information like names, phone numbers, and email addresses from becoming public to the internet at large. You can find the sheet here:

Of course, while this isn’t public to the internet, it is available to the entire NYLS community, so don’t go posting your social security number. As a general note, if you’re interested in buying a textbook, they ask that you contact the seller directly (the seller can choose the price and will receive 100% of the profit)! For questions, reach out to Julianna Risi.

Event: Esports Privacy and Compliance with Adam Gertz

Do you like video games? Have you watched streamers on Twitch? Yes? Then come hear about the nuances of privacy compliance that keep esports running smoothly. No? Then come find out what all the fuss is about, with a presentation on the fascinating legal work behind both games themselves and the sports media industry that has developed around them. Adam Gertz is a partner at Morrison Cooper LLP, an LA-based digital entertainment law firm that leads the industry in esport-, video game-, and digital entertainment IP law. He is an expert on privacy compliance and a board member of the Esports Bar Association.

The event will take place on Microsoft Teams from 1:00pm to 2:00pm on Thursday, September 28. Join here or with meeting ID: 257 521 599 379 and passcode: 4uaoPL !

Housekeeping: Name Change

As we expand our offerings, we’ve made a small update: our name is now officially the New York Law Student Privacy Law Association–and, per that new name, we continue to pursue collaboration with groups outside of New York Law School alongside our partnerships with student organizations on campus. If you know folk in other groups who might want to partner with us, or privacy law resources we haven’t touched on, don’t hesitate to put us in touch!

Privacy News

A Victory Against Revenge Porn

What might have devastated some galvanized Madison and Christine Conradis to action–and they ultimately took down the creep who had been spreading their pictures. But the victory remains bittersweet, precisely because of how exceptional it is. Beyond determination and grit, the Conradis needed a modicum of luck to catch their harasser. Most cyberharassment laws, based on older harassment laws of limited applicability, are a poor match for the realities posed by today’s internet. Underneath that lies a problem of symmetry. The Conradis could only achieve justice by exposing their harasser’s identity–but the means that allowed them to expose his identity are the same as the ones that exposed them to harassment in the first place.

UN Cybercrime Treaty is Likely to Increase Surveillance

On the subject of cybercrime laws that might have deleterious effects on the innocent, the United Nations recently released its first draft of a proposed international Cybercrime Convention. Now, collaboration among countries to spy on their citizens is hardly unprecedented–consider the Five, Nine, and Fourteen Eyes agreements. But the new treaty promises to double down on existing rights violations, building on top of transnational repression mechanisms that have already emerged in systems like INTERPOL’s Red Notice. The EFF has an excellent analysis of the treaty’s origins and continued evolution.

TikTok Moves to Dublin

Remember when Congress debated banning TikTok? Little came of that debate, aside from an alarming amount of pro-TikTok ads on TV, but the European Union has been seeing slightly more success. To placate regulators, TikTok has begun a fairly impressive effort to lock down EU user data. More significant than the data center, audit by an independent cybersecurity company bodes well for TikTok actually meaning what it says. And for what it’s worth, there is a similar program for the US currently underway.

Talk is Cheap: So are Privacy Policies

If you’re taking Professor Montle’s cybersecurity compliance class this semester, you’re probable seeing a lot of privacy policies–and the rest of you are missing out! Privacy policies are great (we have one too), they’re mandatory in many settings, and they can help both guard against liability and empower users to understand what’s happening with their data. That being said–SPOILER ALERT–a policy alone isn’t enough. To protect users data, and to be compliant with most regulations, privacy policies need to be backed by privacy practices and systems designed to accomplish whatever the policy sets out. Without anything to back it up, a privacy policy can even become a liability, as it provides a clear bar that the data processor has failed to meet. The article below addresses a worst-case failure of policy at Tesla, everyone’s favorite manufacturer of self-driving explosive devices.

That’s all for now, but we look forward to seeing you all at our event with Adam Gertz on September 28. Until then, stay tuned for more PLA news coming up, and remember: privacy is freedom.

Kyle Hunt
President, Privacy Law Association

Scroll to Top