Second Law and Information Society Symposium: Enforcement, Compliance and Remedies in the Information SocietyThis symposium explored the enforcement of, compliance with and remedies flowing from the law in the information society. In 2005, Fordham hosted the first Law and Information Society Symposium to explore what law is or should be applicable in the information society. In this second symposium, we continued our exploration of the law by examining enforcement, compliance and remedies. The conference reviewed these aspects in four different substantive areas: international privacy; intellectual property; consumer protection; and data warehousing. These areas were selected because of their significance in the information society and because they are areas where regulation is currently evolving.
9:00 Opening Remarks
9:15 Panel 1: Notice and Take Down Process – Over-Enforcement?
This panel explored the notice and take down process provided in the Digital Millennium Copyright Act. Panelist discussed how rights holders are using the process to enforce rights, how intermediaries are responding to notices and what impact the process has on users and alleged infringers. The panel discussed whether the process is both effective for rights holders and sufficiently protective for users. The panel also explored how filtering software affects the process.
Moderator: Hugh Hansen, Professor of Law, Fordham Law School; Director of the Intellectual Property Institute
• Jeffrey I. Klein, Partner, Goodwin Procter LLP
11:00 Panel 2: Secondary Liability and Remedies Post Grokster
This panel discussed the remedies available for online copyright infringement after the Supreme Court’s decision in MGM v. Grokster. Panelists generally discussed the trend of enforcing rights against intermediaries rather than direct infringers. They explored who rights holders can seek a remedy against after Grokster and what impact the Perfect 10 decision will have on the contributory liability analysis. The panel also considered whether the changing standards will lead to an increased level of responsibility placed on intermediaries.
Moderator: Wendy Gordon, Professor of Law, Boston University School of Law
• David Fewer, Legal Counsel, Canadian Internet Policy and Public Interest Clinic, University of Ottawa
1:30 Panel 3: Individual Enforcement of Rights Against a Corporate Data Warehouser
Panelist considered how privacy policies are enforced and what challenges exist to enforcement with respect to data warehousing. They discussed whether consumers can or should be able to require the deletion of stored data and whether there should be opt-out options for users who do not want data regarding their use collected. Finally, they considered what independent action individuals can take to protect themselves and whether independent action is a good alternative to regulation and public enforcement.
Moderator: Thomas D. Halket, Attorney and Chartered Arbitrator, Halket Weitz LLP
• Pam Dixon, Executive Director, World Privacy Forum
3:15 Panel 4: The Challenge of International Compliance for Data Storage by Search Engines
This panel explored compliance with the differing international regulations applicable to data storage by search engines. Specifically, the panel considered when a search engine can be compelled to disclose user’s information and when search engines may have more freedom to withhold information. The panel also discussed what search engines store and whether durational or privacy regulations apply to stored information. Panelists considered how international differences impact business decisions and whether additional regulations or guidance are needed.
Moderator: Ira Rubinstein, Senior Fellow, Information Law Institute, NYU Law School
• Robert Gellman, Privacy and Information Policy Consultant
4:45 Wine & Cheese Reception
9:00 Panel 5: Data Security Breaches – The Prelude & Aftermath
This panel explored how companies comply with laws to prevent data security breaches and the remedies that are available to redress those breaches. Panelists discussed the obligations of companies to keep personal information secure, what they should be actively monitoring, and when notice obligations kick in. They considered what rights individuals have in the event of a data breach and how actively states are monitoring local data breaches and pursing responsible companies.
Moderator: Joseph V. DeMarco, Partner, DeVore & DeMarco LLP
• Justin Brookman, Assistant Attorney General, NY Attorney General Office, Internet Bureau
10:45 Panel 6: Credit Report Cases – Effective Remedies?
This panel discussed how credit reports are being used in novel ways in the marketplace such as the underwriting of auto insurance and mortgage insurance and whether the practices in connection with those uses comply with the Fair Credit Reporting Act (FCRA). Panelists discussed the potential concerns related to certain uses like those in Safeco Ins. V. Burr and what remedies are available for individuals under the FCRA. They considered how damages for credit report misuse are measured and whether additional policing or regulation should be instituted.
Moderator: Susan Block-Lieb, Professor of Law, Fordham Law School
1:30 Panel 7: Internal Investigations and Compliance With Transnational Data Flow Rules
This panel examined how the restrictions on data flow from the EU to the US affect or complicate corporate internal investigations. The panelists reviewed the conflicting needs of global investigations and national EU data protection compliance and discussed how companies weigh their opposing legal obligations in the EU and US. They explored ways to develop a solution for the data flow problem and identify who needs to be involved in the process.
Moderator: Joel R. Reidenberg, Professor of Law, Fordham Law School; Director of Center on Law and Information Policy
• Jeffrey Cunard, Partner, Debevoise & Plimpton LLP