Menu Close

Washington and Lee Law Review - Roundtables


by Effy Vayena, Urs Gasser, Alexandra Wood, David R. O'Brien, Micah Altman

Emerging large-scale data sources hold tremendous potential for new scientific research into human biology, behaviors, and relationships. At the same time, big data research presents privacy and ethical challenges that the current regulatory framework is ill-suited to address. In light of the immense value of large-scale research data, the central question moving forward is not whether such data should be made available for research, but rather how the benefits can be captured in a way that respects fundamental principles of ethics and privacy.

In response, this Essay outlines elements of a new ethical framework for big data research. It argues that oversight should aim to provide universal coverage of human subjects research, regardless of funding source, across all stages of the information lifecycle. New definitions and standards should be developed based on a modern understanding of privacy science and the expectations of research subjects. In addition, researchers and review boards should be encouraged to incorporate systematic risk-benefit assessments and new procedural and technological solutions from the wide range of interventions that are available. Finally, oversight mechanisms and the safeguards implemented should be tailored to the intended uses, benefits, threats, harms, and vulnerabilities associated with a specific research activity.

Development of a new ethical framework with these elements should be the product of a dynamic multistakeholder process that is designed to capture the latest scientific understanding of privacy, analytical methods, available safeguards, community and social norms, and best practices for research ethics as they evolve over time. Such a framework would support big data utilization and help harness the value of big data in a sustainable and trust-building manner.


by Dennis D. Hirsch, Jonathan H. King

Today, organizations globally wrestle with how to extract valuable insights from diverse data sets without invading privacy, causing discrimination, harming their brand, or otherwise undermining the sustainability of their big data projects. Leaders in these organizations are thus asking: What management approach should businesses employ sustainably to achieve the tremendous benefits of big data analytics, while minimizing the potential negative externalities?

This Paper argues that leaders can learn from environmental management practices developed to manage the negative externalities of the industrial revolution. First, it shows that, along with its many benefits, big data can create negative externalities that are structurally similar to environmental pollution. This suggests that management strategies to enhance environmental performance could provide a useful model for businesses seeking sustainably to develop their personal data assets. Second, this Paper chronicles environmental management’s historical progression from a back-end, siloed approach to a more proactive and collaborative “environmental management system” method. An approach modeled after environmental management systems—a Big Data Management System approach—offers an effective model for managing data analytics operations to prevent negative externalities.

Finally, this Paper shows that a Big Data Management System approach aligns with: (A) Agile software development and DevOps practices that companies use to develop and maintain big data applications, (B) best practices in Privacy by Design and Privacy Engineering, and (C) emerging trends in organizational management theory. At this critical, formative moment when organizations begin to leverage personal data to revolutionary ends, we can readily learn from environmental management systems to embrace sustainable big data management from the outset.


by Craig Konnoth

Secondary health information research requires vast quantities of data in order to make clinical and health delivery breakthroughs. Restrictive policies that limit the use of such information threaten to stymie this research. While the Notice of Proposed Rulemaking (NPRM) for the new Common Rule permits patients to provide broad consent for the use of their information for research, that policy offers insufficient flexibility. This Article suggests a flexible consenting system that allows patients to consent to a range of privacy risks. The details of the system will be fleshed out in future work.


by Stephen Y. Chow

This Essay critiques the creation by the 114th Congress of a federal private right of action under the Defend Trade Secrets Act for the state unfair competition cause of trade secret misappropriation hitherto applied mostly to breaches of express or implied confidential relationships between businesses or with employees. The proposed insertion of the Uniform Trade Secrets Act definition of “misappropriation,” including acquisition by “improper means” exemplified by state commercial mores’ expectation of privacy from aerial reconnaissance, into the Economic Espionage Act framework of theft of a more narrowly defined “trade secret” of a defined “owner,” including such actions abroad by American companies, opens litigation opportunities that are unlikely to fulfill the purposes of the legislation. There is no current need to “harmonize” compliance programs, and the non-preemptive legislation would simply add more issues to be litigated in multiple contexts, including disputes over privacy or confidentiality managed by online terms. The legislation’s limitation of injunctions under a promise of “employee mobility” threatens state practices of contractual restrictions on postemployment competition.


by Sharon K. Sandeen

Civil litigation is expensive, both for the party bringing suit and the party that must defend against such claims. For a variety of reasons, not the least of which are the usual requests for preliminary relief and protective orders, trade secret litigation is particularly expensive. These costs can have a crippling effect on small businesses and start-up companies that are accused of trade secret misappropriation, often resulting in litigation expenses that exceed the alleged harm to the plaintiff. Such litigation is particularly costly and unjust in cases where the plaintiff asserts rights that, due to common misunderstandings about the limited scope of trade secret rights, they do not have.

While no body of law can perfectly distinguish right from wrong, and, thus, there are bound to be civil judgments that are both under- and over-inclusive, due to the possible anticompetitive effects of trade secret claims, the predominate law that currently governs trade secret law in the United States, the Uniform Trade Secret Act, includes numerous provisions that are designed to strike a balance between the putative trade secret owner and the alleged misappropriator, frequently erring on the side of competition, information diffusion, and employee mobility. Unfortunately, the proposed legislation to create a civil cause of action for trade secret misappropriation, the Defend Trade Secrets Act (DTSA), threatens to upset this balance by, among other things, significantly increasing the costs of trade secret litigation.

This Essay details how various provisions of the DTSA are bound to be highly litigated and, as a result, will greatly increase costs for litigants and the federal judiciary, making the DTSA not worth its costs.


by Eric Goldman

Congress is considering the Defend Trade Secrets Act, which would create a new federal trade secret civil cause of action. The Act includes a quirky and unprecedented ex parte procedure for trade secret owners to obtain a seizure order. The seizure provision applies in, at best, a narrow set of circumstances, and it oddly attempts to protect intangible trade secrets by seizing chattels. Despite procedural safeguards, the seizure provision also enables anti-competitive misuse.

More generally, the fact-based disputes that inevitably must be resolved in trade secret litigation make trade secrets an especially poor basis for ex parte actions. As a result, we should be nervous about the proposed seizure provision in the Defend Trade Secret Act—and all other ex parte seizure procedures in trade secret cases.