Chapter 4 - notes


Chapter 3


p79

1. eg '"Busty blonde" email lawyers face lawsuit' Register 6 September 2001.

2. Eastham, L, 'Documents, disclosure and direction' (2004) 14 C&L (6) 4 (SCL); Withers, K, 'Computer-Based Disclosure and Discovery in Civil Litigation' [2001] 1 JILT; Sautter, E, ‘The new rules on e-disclosure’ (2005) 155 NLJ 1618.

3. See eg Superior Court Rules Order 31 (IE); Civil Procedure Rules part 31 (E&W).


p80

4. See eg Derby and Co Ltd v Weldon (No 9) [1991] 1 WLR 652 (Lexis).

5. On all these issues see Harrison, R, 'The e-mail of the species' (2002) 12 C&L (6) 25 (SCL); Taylor, R and Richardson, M, 'E-mails: service by e-mail and disclosure of e-mails' (2001) 151 NLJ 1364 (Lexis).

6. See generally Nicoll, C, 'Should computers be trusted? Hearsay and authentication with special reference to electronic commerce' [1999] JBL 332 (Westlaw UK); Leroux, O, 'Legal admissibility of electronic evidence' (2004) 18 IRLCT 193 (Taylor and Francis).

7. See eg Turner, M, 'Beware: Computer evidence quicksand' (2001) 11 C&L (6) 36 (SCL); 'Forensic computing uncloaks industrial espionage' Register 15 July 2004.

8. eg McK v Information Commissioner (Irish High Court, 14 January 2004).


p81

9. Susman, P, 'Court orders for the preservation of computer data' (2001) 12 C&L (2) 20 (SCL).

10. Takenaka (UK) Ltd v Frankl [2001] EWCA Civ 348; Totalise plc v The Motley Fool Ltd [2001] EWCA Civ 1897, [2002] 1 WLR 1233, on which see Brimstead, K, (2002) 9 ITLT (10) 3 (Lexis). For intellectual property cases see Suzor, N, 'Privacy v Intellectual Property Litigation: Preliminary Third Party Discovery on the Internet' (2004) 25 ABR 228.

11. eg Wessel, J, 'Stars, stripes and section 1782' (2001) 145 Sol Jo 56; Carey, G and Leonowicz, S, 'Letters rogatory and the new European regime' [2003] Comm LP 287.

12. Art 8.1.


p82

13. See especially Wainwright v Home Office [2003] UKHL 53, [2004] 2 AC 406.

14. Peck v United Kingdom [2003] ECHR 44.

15. Weber, O, 'Human Dignity and the Commercial Appropriation of Personality: Towards a Cosmopolitan Consensus in Publicity Rights?' (2004) 1 SCRIPT-ed.

16. Bohlman, E, 'Privacy in the Age of Information' [2002] 2 JILT.

17. See especially Bhogal, M, 'United Kingdom Privacy Update 2003' (2004) 1 SCRIPT-ed.

18. Above, p 71.

19. Campbell v Mirror Group Newspapers Ltd [2004] UKHL 22, [2004] 2 AC 457, on which see Wacks, R, '"Private facts": Is Naomi Campbell a Good Model?' (2004) 1 SCRIPT-ed 460.

20. Douglas and Zeta-Jones v Hello! [2005] EWCA Civ 595.

21. See Forde, G, 'A right to privacy and intellectual property law' (2001) 2 TELJ (4) 9.


p83

22. 'Internet firm wins Bulger protection' Guardian 11 July 2001.

23. See especially In re S (FC) (a child) [2004] UKHL 47.

24. Regulation of Investigatory Powers Act 2000 (UK) ss 1-3 and Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000 (UK) SI 2000/2699, as amended by SI 2003/2426; Postal and Telecommunications Services Act 1983 (IE) s 98. Despite the specific reference to 'Telecom Éireann' (Eircom) in the Irish legislation, the provisions also catch other licensed operators: Postal and Telecommunications Services (Amendment) Act 1999 (IE) s 7.

25. Directive 2002/58/EC, on processing of personal data and the protection of privacy in the electronic communications sector. The directive is implemented by the Privacy and Electronics Communications (EC Directive) Regulations 2003 (UK) SI 2003/2426 and the European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations (IE) SI 2003/535.

26. Data Protection Act 1984 (UK); Data Protection Act 1988 (IE).

27. Directive on the protection of individuals with regard to the processing of personal data and on the free movement of such data, 1995/46/EC; enacted as Data Protection Act 1998 (UK) and Data Protection (Amendment) Act 2003 (IE). The Irish Act merely amends the previous 1988 Act; for the principal changes see Boyle, D, 'Data Protection (Amendment) Act 2003 - An overview' [2003] ILT 234. A few minor provisions of the 2003 Act are not in force at the time of writing: see SI 2003/207 (IE).


p84

28. See especially Durant v Financial Services Authority [2003] EWCA Civ 1746; Johnson v Medical Defence Union Ltd [2004] EWHC 347 (Ch), though note that the claimant was later able to obtain the data by discovery: [2004] EWHC 2509 (Ch).

29. Data Protection Act 1998 (UK) s 1(1), definition of 'personal data'; Data Protection Act 1988 (IE) s 1(1), definition of 'personal data', as amended by Data Protection (Amendment) Act 2003 (IE) s 2.

30. Carey, P, 'E-mail addresses: Are they personal data?' [2000] Ent LR 11 (Westlaw UK); Harrington, J, 'Data protection and e-mail addresses revisited: Is the DPA workable?' [2000] Ent LR 141 (Westlaw UK).


p85

31. Brown, A, 'RFID tags: An unlawful, or just unwanted, invasion of privacy?' (2004) 14 C&L (5) 27 (SCL).

32. Walden, I, 'Anonymising personal data' (2002) 10 IJLIT 224 (Lexis); Beyleveld, D and Townend, D, 'When is personal data rendered anonymous?' (2004) 6 MLI 73.

33. Durant v Financial Services Authority [2003] EWCA Civ 1746. For commentary see Chalton, S, 'The Court of Appeal's interpretation of 'personal data' in Durant v FSA' (2004) 20 CLSR 175 (Ingenta); Coppel, J, 'Data access requests: What was all the fuss about?' (2003) 153 NLJ 1908 (Lexis).

34. Directive 1995/46/EC art 2(a).

35. 'European Commission suggests UK's Data Protection Act is deficient' OUT-LAW 15 July 2004.

36. Data Protection Act 1998 (UK) s 2; Data Protection Act 1988 (IE) s 1(1), definition of 'sensitive personal data', as inserted by Data Protection (Amendment) Act 2003 (IE) s 2.


p86

37. Data Protection Act 1998 (UK) s 1(1), definition of 'processing'; Data Protection Act 1988 (IE) s 1(1), definition of 'processing', as inserted by Data Protection (Amendment) Act 2003 (IE) s 2.

38. Directive 1995/46/EC art 6; Data Protection Act 1998 (UK) sch 1. For the Irish legislation see O'Dowd, M, 'Data protection - An overview' [2004] COLR 14.

39. Data Protection Act 1998 (UK) sch 1 part I (first data principle) and part II para 1, and sch 2; Data Protection Act 1988 (IE) s 2A, as inserted by Data Protection (Amendment) Act 2003 (IE) s 4.

40. Data Protection Act 1998 (UK) sch 1 part I (first data principle) and part II para 1, and sch 3, and SI 2000/417; Data Protection Act 1988 (IE) s 2B, as inserted by Data Protection (Amendment) Act 2003 (IE) s 4.

41. Data Protection Act 1998 (UK) sch 1 part I (second, third and fifth data principles), and part II paras 2-3 and 5, and SI 2000/185; Data Protection Act 1988 (IE) ss 2(1) and 2D, as amended by Data Protection (Amendment) Act (IE) 2003 ss 3-4.


p87

42. Data Protection Act 1998 (UK) sch 1 part I (fourth, sixth and seventh data principles), and part II paras 7-12; Data Protection Act 1988 (IE) ss 2(1), 2C, 3 and 4, as amended by Data Protection (Amendment) Act (IE) 2003 ss 3-5.

43. Data Protection Act 1998 (UK) ss 10-12; Data Protection Act 1988 (IE) ss 2, 6A and 6B, as amended by Data Protection (Amendment) Act (IE) 2003 ss 3 and 7.

44. Data Protection Act 1998 (UK) sch 1 part I (eighth data principle) and sch 4; Data Protection Act 1988 (IE) s 11, as amended by Data Protection (Amendment) Act (IE) 2003 s 12.

45. Data Protection Act 1998 (UK) s 36; Data Protection Act 1988 (IE) s 1(4)(c); Lindqvist (2003, ECJ, Case C-101/01).

46. Data Protection Act 1998 (UK) s 32; Data Protection Act (IE) 1988 s 22A, as inserted by Data Protection (Amendment) Act 2003 (IE) s 21; Campbell v Mirror Group Newspapers Ltd [2002] EWHC 499 QB, Morland J; [2002] EWCA Civ 1373, [2003] QB 633, Court of Appeal (the House of Lords opinions do not consider data protection issues). For commentary see Simon, I, 'Campbell condensed' [2003] EIPR 146 (Westlaw UK); Turle, M, 'Altered images' (2003) 19 CLSR 54 (Ingenta).


p88

47. See especially Data Protection (Subject Access Modification) (Health) Order 2000 (UK) SI 2000/413 and Health Service (Control of Patient Information) Regulations 2002 (UK) SI 2002/1438; Data Protection (Access Modification) (Health) Regulations 1989 (IE) SI 1989/82 and Data Protection Act 1988 (IE) s 4(8), as amended by Data Protection (Amendment) Act 2003 (IE) s 5; Case, P, 'Confidence matters: The rise and fall of informational autonomy in medical law' (2003) 11 Med LR 208 (Lexis).

48. Data Protection (Subject Access Modification) (Social Work) Order 2000 (UK) SI 2000/415, as amended by SI 2005/467; Data Protection (Access Modification) (Social Work) Regulations 1989 (IE) SI 1989/83 and Data Protection Act 1988 (IE) s 4(8), as amended by Data Protection (Amendment) Act 2003 (IE) s 5.

49. See especially Data Protection Act 1998 (UK) s 33; Data Protection Act 1988 (IE) ss 1(3C), 2(5) and 5(1)(h), as amended by Data Protection (Amendment) Act 2003 (IE) ss 2-3 and 6.

50. Data Protection Act 1998 (UK) ss 28-29; Data Protection Act 1988 (IE) ss 1(4)(a) and 5(1)(a).

51. Baker v Home Secretary (Information Tribunal, 1 October 2001).

52. Data Protection Act 1998 (UK) s 28; Data Protection Act 1988 (IE) s 27.

53. Data Protection Act 1998 (UK) ss 28-29; Data Protection Act 1988 (IE) s 8.

54. Data Protection Act 1998 (UK) sch 7 para 10; Data Protection Act 1988 (IE) s 5(1)(g).

55. 'Special data exemption for legal clients' Sunday Business Post 11 April 2004.

56. See Data Protection Act 1988 (IE) s 16(1); and note especially the addition of ISPs and telcos to the list of those who must register, in the Data Protection (Registration) Regulations 2001 (IE) SI 2001/2. The new, more general provision for registration (inserted by Data Protection (Amendment) Act 2003 (IE) s 16) is not yet in force: see SI 2003/207.

57. Data Protection Act 1998 (UK) ss 16-26; Data Protection Act (IE) 1988 ss 16-20, as amended by Data Protection (Amendment) Act 2003 (IE) ss 16-18.

58. Data Protection Public Register (UK); Registering with the Data Protection Commissioner (IE).


p89

59. eg 'Firms duped over data registering' BBC News 16 February 2003; 'Injunction granted against data protection adverts' (OFT Press Release 6 February 2004).

60. Data Protection Act 1998 (UK) s 50 and sch 9; Data Protection Act 1988 (IE) s 24, as amended by Data Protection (Amendment) Act 2003 (IE) s 22.

61. Data Protection Act 1998 (UK) ss 43-44 and 47; Data Protection Act 1988 (IE) s 12.

62. Data Protection Act 1998 (UK) s 55; Data Protection Act 1988 (IE) ss 21-22.

63. Data Protection Act 1998 (UK) ss 40-41 and 47; Data Protection Act 1988 (IE) s 10, as amended by Data Protection (Amendment) Act 2003 (IE) s 11.

64. Data Protection Act 1998 (UK) ss 48-49; Data Protection Act 1988 (IE) s 26.

65. Data Protection Act 1998 (UK) s 60; Data Protection Act 1988 (IE) s 31, as amended by Data Protection (Amendment) Act 2003 (IE) s 19.

66. Directive 1998/27/EC on injunctions for the protection of consumers' interests; Enterprise Act 2002 (UK) ss 210-236; European Communities (Protection of Consumers' Collective Interests) Regulations 2001 (IE) SI 2001/449.

67. For enforcement bodies see Enterprise Act 2002 (Part 8 Designated Enforcers: Criteria for Designation, etc) Order 2003 (UK) SI 2003/1399 and Enterprise Act 2002 (Part 8 Domestic Infringements) Order 2003 (UK) SI 2003/1593; 'Commission communication concerning Article 4(3) of Directive 98/27/EC' (OJ 31 December 2003, C 321/26).


p90

68. Data Protection Act 1998 (UK) s 42; Data Protection Act 1988 (IE) ss 6A, 10 and 12A, as inserted by Data Protection (Amendment) Act 2003 (IE) ss 8, 11 and 13.

69. Data Protection Act 1998 (UK) ss 7-8, 10-12 and 14-15.

70. Data Protection Act 1998 (UK) s 13.

71. Data Protection Act 1988 (IE) s 7.

72. See generally Data Protection Act 1998 (UK) ss 51-54; Data Protection Act 1988 (IE) ss 9 and 13-15, as amended by Data Protection (Amendment) Act 2003 (IE) ss 10 and 14-15.

73. For a general review see Grant, H and Brownsdon, E, 'Websites: New guidance from the Information Commissioner - part 1' (2001) 1 PDP (8) 8 (Lexis) and 'part 2' (2001) 2 PDP (2) 6 (Lexis).


p91

74. Data Protection Act 1998 (UK) sch 1 part II para 2; Data Protection Act 1988 (IE) s 2D, as inserted by Data Protection (Amendment) Act 2003 s 4.

75. Data Protection Act 1998 (UK) sch 1 part I para 1, and schs 2-3; Data Protection Act 1988 (IE) ss 2A-2B, as inserted by Data Protection (Amendment) Act 2003 s 4. See Ambrose, M and Jeffrey, I, 'Children and the net' [2001] EBL (Nov) 4.

76. Data Protection Act 1998 (UK) sch 1 part I para 3; Data Protection Act 1988 (IE) s 2(1)(c)(iii), as amended by Data Protection (Amendment) Act 2003 s 3.


p92

77. Data Protection Act 1998 (UK) sch 1 part II paras 1-2; Data Protection Act 1988 (IE) ss 2(1)(a) and 2D(2)(d), as inserted by Data Protection (Amendment) Act 2003 ss 3-4.

78. Sanders, J, 'Personal data as currency' (2002) 2 PDP (4) 7 (Lexis).

79. Above, p 83.

80. Rowe, H and McGilligan, R, 'Location technology and data protection' (2001) 17 CLSR 333 (Ingenta).

81. Privacy and Electronic Communications (EC Directive) Regulations 2003 (UK) SI 2003/2426 reg 14 and the European Communities (Electronic Communications Networks and Services) (Data Protection and Privacy) Regulations (IE) SI 2003/535 reg 9; above, p 83.


p93

82. For vendors of relevant products see eg FleetOnline; 'Microsoft to open up mobile phone location data' ZDNet UK 29 June 2004.

83. Data Protection (Conditions under paragraph 3 of part II of schedule 1) Order 2000 (UK) SI 2000/185 reg 5.

84. Working document on determining the international application of EU data protection law to personal data processing on the Internet by non-EU based web sites (Article 29 Data Protection Working Party, 30 May 2002), on which see Scherzer, D, 'EU regulation of processing of personal data by wholly non-Europe-based websites' [2003] EIPR 292 (Westlaw UK).


p94

85. Data Protection (Conditions under paragraph 3 of part II of schedule 1) Order 2000 (UK) SI 2000/185 reg 5.

86. Data Protection Act 1998 (UK) sch 1 part I para 7 and part II paras 7-12; Data Protection Act 1988 (IE) ss 2(1)(d), 2C and 21, as amended by Data Protection (Amendment) Act 2003 ss 2-3.


p95

87. Data Protection Act 1998 (UK) sch 1 part I para 4 and part II para 7; Data Protection Act 1988 (IE) ss 2(1)(b) and 7, as amended by Data Protection (Amendment) Act 2003 s 3.

88. Data Protection Act 1998 (UK) sch 1 part I paras 3-5; Data Protection Act 1988 (IE) s 2(1)(c)(iii)-(iv), as amended by Data Protection (Amendment) Act 2003 s 3. See Warner, J, 'Data culling' [2002] SLT (37) 303 (Westlaw UK); Middleton, R, 'Data retention policies - data protection considerations' (2003) 19 CLSR 216 (Ingenta).

89. Data Protection Act 1998 (UK) s 7(1); Data Protection Act 1988 (IE) s 3, as amended by Data Protection (Amendment) Act 2003 (IE) s 2.

90. Data Protection Act 1998 (UK) ss 7-8, and on fees see SI 2000/191 and SI 2001/3223; Data Protection Act (IE) 1988 s 4, as amended by Data Protection (Amendment) Act 2003 (IE) s 5.

91. Data Protection Act 1998 (UK) s 7(4)-(7); Data Protection Act (IE) 1988 s 4, as amended by Data Protection (Amendment) Act 2003 (IE) s 5.

92. Data Protection Act 1998 (UK) s 14 (which gives the court power to order the correction of inaccurate data); Data Protection Act (IE) 1988 s 6, as amended by Data Protection (Amendment) Act 2003 (IE) s 7.

93. Above, p 90. For possible reforms to subject access rights see Response to the Consultation Paper 'Data Protection Act 1998: Subject Access' (Department for Constitutional Affairs, July 2003).


p96

94. Data Protection Act 1998 (UK) s 11; Data Protection Act 1988 (IE) ss 1(1) (definition of 'direct marketing') and 2(7)-(8), as amended by Data Protection (Amendment) Act 2003 (IE) ss 2-3. See especially R (Robertson) v Wakefield Metropolitan District Council [2001] EWHC 915 Admin, [2002] QB 1052.

95. Above, p 41.

96. Data Protection Act 1998 (UK) s 12; Data Protection Act 1988 (IE) s 6B, as inserted by Data Protection (Amendment) Act 2003 (IE) s 8. See Bygrave, L, 'Minding the machine: Article 15 of the EC data protection directive and automated profiling' (2001) 17 CLSR 17 (Ingenta).

97. Data Protection Act 1998 (UK) ss 7(1)(d) and 8(5); Data Protection Act 1988 (IE) s 4(1)(a)(iv) and (12), as inserted by Data Protection (Amendment) Act 2003 (IE) s 5.


p97

98. Data Protection Act 1998 (UK) s 10; Data Protection Act 1988 (IE) s 6A, as inserted by Data Protection (Amendment) Act 2003 (IE) s 8.

99. Data Protection Act 1998 (UK) s 22; Data Protection Act 1988 (IE) s 12A, as inserted by Data Protection (Amendment) Act 2003 (IE) s 13.

100. Miller, N, 'Sellers beware!' (2002) 146 Sol Jo 384.

101. Lindqvist (2003, ECJ, Case C-101/01).


p98

102. eg 'UK Web shoppers' details exposed' ZDNet UK 13 August 2002.

103. Data Protection Act 1998 (UK) sch 1 part II paras 13-15; Data Protection Act 1988 (IE) s 11(1)-(3) as amended by Data Protection (Amendment) Act 2003 (IE) s 12. See Commission decisions on the adequacy of the protection of personal data in third countries.

104. Data Protection Act 1998 (UK) sch 1 part II para 15, and sch 4 paras 8-9; Data Protection Act 1988 (IE) s 11(4)(a)(ix) and 11(6), as amended by Data Protection (Amendment) Act 2003 (IE) s 12. See Commission Staff Working Document SEC (2004) 1323; Zinser, A, 'International data transfers between the US and the EU' (2004) 20 CLSR 182 (Ingenta); DiLascio, T, 'How safe is the safe harbor?' (2004) 22 BUILJ 3999 (Lexis).

105. Commission Decision of 27 December 2001 on standard contractual clauses for the transfer of personal data to processors established in third countries (2002/16/EC); Working Document Establishing a Model Checklist Application for Approval of Binding Corporate Rules (Article 29 Working Party, WP108). See Rowe, H, 'Transfers of personal data to third countries: The role of binding corporate rules' (2003) 19 CLSR 490 (Ingenta).

106. Data Protection Act 1998 (UK) sch 4; Data Protection Act 1988 (IE) s 11(4), as amended by Data Protection (Amendment) Act 2003 (IE) s 12. See generally Pullan, T, 'Data protection and offshore outsourcing' (2005) 16 C&L (1) 32 (SCL).


p100

107. 'Government FOI Act chief trails Data Act "reform"' Register 18 October 2004.

108. eg Oxman, S, 'Exemptions to the EU personal data privacy directive: Will they swallow the directive?' (2000) 24 BCICLR 191.

109. For annual reports see Information Commissioner Annual Report for 2004 and Data Protection Commissioner Annual Report for 2004.

110. Art 29 Data Protection Working Party.

111. 'Data protection in the spotlight again' [2004] EBL (April) 16.


p101

112. See Proposals for Amendment made by Austria, Finland, Sweden and the United Kingdom (Explanatory Note) (September 2002).

113. Guadamuz, A, 'Habeas Data: The Latin-American Response to Data Protection' [2000] 2 JILT; Guadamuz, A, 'Habeas Data vs the European Data Protection Directive' [2001] 3 JILT.

114. Cooper, H, 'The Electronic Communications Privacy Act: Does the answer to the Internet information privacy problem lie in a 15-year-old Federal statute?' (2001) 20 JMJCIL 1 (Lexis).

115. See Cain, R, 'Global privacy concerns and regulation - Is the US a world apart?' (2002) 16 IRLCT 23 (Taylor and Francis); Bohlman, E, 'Privacy in the Age of Information' [2002] 2 JILT; Solove, D, 'The Origins and Growth of Information Privacy Law' (SSRN, October 2003).

116. US Code Title 18 s 2710.

117. US Code Title 15 s 6501. See Dixon, T, 'Children's Online Privacy Protection Act: America's privacy patchwork grows' [1999] PLPR 52; Hertzel, D, 'Don't talk to strangers: An analysis of government and industry efforts to protect a child's privacy online' (2000) 52 FCLJ 429.


118. US Code Title 15 ss 6801-6810.


p102

119. See eg Carey, P, 'E-commerce: Does the Data Protection Act 1998 apply to offshore e-business?' (2000) 11 C&L (3) 23 (SCL).

120. eg Shaffer, G, 'Globalization and social protection: The impact of EU and International rules in the ratcheting up of US privacy standards' (2000) 25 YJIL 1 (Lexis); Clear, M, 'Falling into the gap: The EU's Data Protection Act and its impact on US law and commerce' (2000) 18 JMJCIL 981 (Lexis); Vitale, A, 'The EU Privacy Directive and the resulting safe harbor' (2002) 35 Vand JTL 321 (Lexis).


p103

 

FURTHER READING

Bainbridge, D and Pearce, G, 'Tilting at Windmills - Has the New Data Protection Law failed to make a significant contribution to rights of privacy?' [2000] 2 JILT.

Burk, D, 'Privacy and Property in the Global Datasphere' MLSRP 05-17.

Hahn, R and Layne-Farrar, A, 'The benefits and costs of online privacy legislation' (2002) 54 ABA ALR 85 (Lexis).

Hann, I, Hui, K, Lee, S and Png, I, 'The value of online information privacy: An empirical investigation' (SSRN, 2003).

Hetcher, S, 'Norm proselytizers create a privacy entitlement in cyberspace' (2001) 16 BTLJ 877.

Karas, S, 'Privacy, Identity, Databases' (2002) 52 AULR 393.

Lugaresi, N, 'Principles and Regulations about Online Privacy: "Implementation Divide" and Misunderstandings in the EU' (SSRN, 2002).

Moshell, R, '... And Then There Was One: The Outlook For A Self-Regulatory United States Amidst A Global Trend Toward Comprehensive Data Protection' (2005) 37 TTLR 357 (Lexis).

Safier, S, 'Between Big Brother and the Bottom Line: Privacy in Cyberspace' (2000) 5 VJOLT.

Schwartz, P, 'Property, privacy and personal data' (2004) 117 Harv LR 2055 (Lexis).

Solove, D and Hoofnagle, C, 'A Model Regime of Privacy Protection' (SSRN, 2005).

Walker, K, 'Where Everybody Knows Your Name: A Pragmatic Look at the Costs of Privacy and the Benefits of Information Exchange' [2000] 2 STLR.


Chapter 5