University of Southern California

Sensitive Information

Download

Article by Paul Ohm
From Volume 88, Number 5 (July, 2015)

88 S. Cal. L. Rev. 1125

Almost every information privacy law provides special protection for certain categories of “sensitive information,” such as health, sex, or financial information. Even though this approach is widespread, the concept of sensitive information is woefully undertheorized. What is it about these categories that deserves special protection? This Article offers an extended examination of this question. It surveys dozens of laws and regulations to develop a multi-factor test for sensitivity.

From this survey, the Article concludes that sensitive information is connected to privacy harms affecting individuals. Consistent with this, at least for the case of privacy in large databases, it recommends a new “threat modeling” approach to assessing the risk of harm in privacy law, borrowing from the computer security literature. Applying this approach, it concludes that we should create new laws recognizing the sensitivity of currently unprotected forms of information—most importantly, geolocation and some forms of metadata—because they present significant risk of privacy harm.

Donate

Make a tax deductible contribution to the Southern California Law Review.

  • Donate

Sponsors

  • Irell & Manella
  • Jones Day

Donors

Hosted By

  • USC Gould School of Law