Every day, consumers give their personal information to corporations in exchange for free or inexpensive services. As service providers collect increasingly personal information, they will not be able to use it just to inform business decisions, but also to manipulate users, push agendas, or discriminate surreptitiously. And users may not know exactly how these companies collect and use their data, so they may not be equipped to respond effectively to objectionable data collection practices. The law does nothing to manage this relationship, and in fact, the Supreme Court has interpreted the First Amendment to prevent certain regulation of data collection or usage. However, imposing an information fiduciary duty on service providers could ensure that they use data only in ways that are consistent with users’ expectations. This Article maintains that service providers should be proscribed from utilizing users’ personal information to manipulate them and discriminate against them, and that firms should be prohibited from sharing data with third parties under certain circumstances. It also proposes that firms engage with their users by employing easy-to-understand privacy policies that help reduce information asymmetries. Ultimately, imposing an information fiduciary duty on service providers can ensure that firms are able to grow and innovate and that their users—whose data is necessary for that growth—are protected as well.
Information Fiduciaries in Practice: Data Privacy and User Expectations,
33 Berkeley Tech. L.J. 1