Follow: Email

Two recent actions by lawmakers are intended to address certain uses of technology in health. First, two Senators have introduced a bipartisan bill related to the collection and use of identifiable health data from wearable health trackers.  Second, following an appeal from Democratic lawmakers, the Agency for Healthcare Research and Quality (“AHRQ”) plans to review the use of race-based algorithms in medical care.
Continue Reading SMARTWATCH Act and AHRQ’s Inquiry

Several states have proposed new privacy bills since their sessions began.  Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing firstin-time omnibus privacy bills.  In the high-level chart below, we compare five of the key state privacy frameworks: the CPRA, VCDPA (which we blogged about here), the NYPA, the general privacy provisions of the Washington Privacy Act, and the newly introduced Washington People’s Privacy Act (HB 1433)

Continue Reading 2021 State Privacy Legislation Roundup: California, Virginia, New York, and Washington

Last month marks two years since the Supreme Court held, in Carpenter v. United States, that the Fourth Amendment applies to cell phone company records that detail a cell phone user’s location and movements.  Under Carpenter, police are generally required to use a warrant to obtain seven days or more of a user’s cell-site location information from phone companies.

As we previously reported, Carpenter redefined how the Fourth Amendment applies to information held by technology companies in the digital age.  Prior to Carpenter, the Court applied the third-party doctrine, under which a person who voluntarily revealed information to third parties—such as telephone companies, banks, or technology companies—lacks a reasonable expectation of privacy in that information and therefore forfeits Fourth Amendment protections.  In Carpenter, the Court declined to apply the third-party doctrine to cell-site location information, even though the cell phone user revealed their location information to their phone company.  Despite the significance of this ruling, the Court said that its decision in Carpenter was a “narrow one” that did not “address other business records that might incidentally reveal location information” or “consider other collection techniques involving foreign affairs or national security.”
Continue Reading Two Years of Carpenter