The law in the United States has long approved of and relied on individual authorization, explicit or implicit, as a legal basis for agreement. In contrast, the European Union has sought to limit the unbridled use of consent and contract. Building on this tradition, it has demonstrated profound skepticism towards contract in its data protection law. Whether within the European Union level or in the Member States, EU law is deeply concerned about power imbalances between data processors and individuals. It places certain kinds of data use beyond contract and resists reducing grounds for the legitimacy of data processing to notice-and-choice.
In its information privacy law, the U.S. has not heavily drawn on contract, but a contract-like process. Through the efforts of the Federal Trade Commission and federal and state law, U.S. law has developed an obligation that data processors make privacy and security promises in writing. Then the FTC and state Attorney Generals hold these statements binding and police deviations from their terms. The result is not contractual, but “contract-lite.” This approach mimics certain aspects of common law contract, but rests on the FTC’s Section 5 power and state mini-FTC Acts. As a consequence, it is subject to all the limits on that power. The result also falls short of the strict EU rules around contracting for personal data.
This lecture explores the differing views in the U.S. and EU towards the use of contract law and consent in consumer-oriented contracts and evaluates recent developments for their likely impact on future convergence and divergence in the respective comparative contractual privacy law of the U.S. and EU.
Jefferson E. Peyser Professor of Law
Berkeley Law School
Tuesday, March 8, 2016
UC Davis School of Law, King Hall Rm 1301
12:00 PM – 1:00 PM
Paul Schwartz is Jefferson E. Peyser Professor of Law and Co-Director of the Berkeley Center for Law & Technology. He is a leading international expert on information privacy and information law. His scholarship focuses on how the law has sought to regulate and shape information technology – as well as the impact of information technology on law and democracy. Schwartz has testified before Congress and served as an advisor to the Commission of the European Union and other international organizations. He assists numerous corporations and law firms with regulatory, policy, and governance issues relating to information privacy. He is a frequent speaker at technology conferences and corporate events in the United States and abroad. Schwartz is a graduate of Brown University (B.A. 1981) and Yale University (J.D. 1985).