Abstract

https://ssrn.com/abstract=2501002
 


 



Sensitive Information


Paul Ohm


University of Colorado Law School

September 24, 2014

Southern California Law Review, Vol. 88, 2015, Forthcoming

Abstract:     
Almost every information privacy law provides special protection for certain categories of “sensitive information,” such as health, sex, or financial information. Even though this approach is widespread, the concept of sensitive information is woefully undertheorized. What is it about these categories that deserves special protection? This Article offers an extended examination of this question. It surveys dozens of laws and regulations to develop a multi-factor test for sensitivity.

From this survey, the Article concludes that sensitive information is connected to privacy harms affecting individuals. Consistent with this, at least for the case of privacy in large databases, it recommends a new “threat modeling” approach to assessing the risk of harm in privacy law, borrowing from the computer security literature. Applying this approach it concludes that we should create new laws recognizing the sensitivity of currently unprotected forms of information — most importantly geolocation and some forms of metadata — because they present significant risk of privacy harm.

Number of Pages in PDF File: 55

Keywords: privacy, information privacy, health, financial, education, sensitive, sensitive information

JEL Classification: K00, K23


Open PDF in Browser Download This Paper

Date posted: September 26, 2014  

Suggested Citation

Ohm, Paul, Sensitive Information (September 24, 2014). Southern California Law Review, Vol. 88, 2015, Forthcoming. Available at SSRN: https://ssrn.com/abstract=2501002

Contact Information

Paul Ohm (Contact Author)
University of Colorado Law School ( email )
401 UCB
Boulder, CO 80309
United States
303-492-0384 (Phone)
303-492-1200 (Fax)

Feedback to SSRN


Paper statistics
Abstract Views: 3,429
Downloads: 586
Download Rank: 34,441