• Professor Paul Schwartz

    videos        audio        in the news        photos


    Faculty Insights: Global Privacy Challenges

    Fall 2016

    World Affairs Council – Our Lives Online: US v. EU

    September 17, 2015

    ALI Project: Principles of Data Privacy

    Spring 2015

    Privacy Law in 60 Seconds

    March 2, 2013

    Introducing Privacy Law Fundamentals

    February 21, 2013


    “US-Technologie-Firmen vor grosser Herausforderung” (German)(“US tech firms face a great challenge.”), SRF, Swiss Public Radio, October 7, 2015 (segment on ECJ decision invalidating the Safe Harbor)
    Audio (click here to listen)

    “The EU-US Privacy Collision,” Second Annual BCLT Privacy Law Forum,
    Palo Alto, March 21, 2013
    Audio (click here to listen)
    This discussion focused on Professor Paul Schwartz’s article in the Harvard Law Review, “The EU-US Privacy Collision.” It featured commentary by Christopher Wolf of Hogan Lovells, Karl-Nikolaus Peifer of the University of Cologne Law School, and Michael D. Hintze of Microsoft Corporation.

    “The PII Problem,” hosted by the Microsoft Innovation & Policy Center,
    Washington, D.C., January 5, 2012
    Podcast (click to listen)
    This event focused on the Schwartz-Solove paper, The PII Problem, and featured participants from industry, government, and the private bar.

    return to top of page

    in the news

    Verizon gives away cool freebies, as long as you give away your privacy
    Los Angeles Times, September 15, 2017 by David Lazarus

    Verizon is bribing people into giving up their privacy through their rewards program called Verizon Up. The reward credits can be used to “get exclusive access to prime sporting events, shows, concerns, and live experiences.” But consumers may not realize how much personal information and behavioral data they are giving up just to get their hands on a fast freebie. “All sorts of companies—Google, Facebook— are already in the data collection business,” said Paul Schwartz, a law professor at UC Berkeley and co-director of the Berkeley Center of Law and Technology. “Now we’re seeing older companies—cable companies, cellular companies—placing a great emphasis on it,” he said.

    Experts criticize US electronic devices ban on some flights from Middle East
    The Guardian, March 21, 2017 by Sam Thelma

    On March 20th, the U.S. Transportation Safety Administration (TSA) rushed out a “confidential” ban that prohibits laptops, iPads, and other electronics “larger than a cellphone” on flights coming from 10 airports in the Middle East. The ban has been sharply criticized by technology experts who questioned both its purpose and effectiveness. As noted by Professor Paul Schwartz, “terrorists have cells throughout the entire world.” As an example, the hijackers responsible for 9/11 had a cell in Hamburg, Germany. Thus, “[o]ne potential problem with this approach where you single out countries is that you ignore the extent to which the terrorist threat is kind of state-less.”

    Privacy regulations increasingly unwieldy heading into 2017
    Daily Journal, December 29, 2016, by Joshua Sebold

    The year 2016 witnessed a dramatic expansion of privacy regulations from federal agencies, foreign countries, and state governments. The increase has led to an almost unmanageable amount of information. As stated by Professor Paul Schwartz, a special adviser at Paul Hastings LLP and the Jefferson E. Peyser Professor at UC Berkeley School of Law, “I don’t know how we can keep up at this pace. For those of us who practice and teach in this field, it’s almost scary.” In particular, the invalidation of the U.S.-EU Safe Harbor Framework by the EU Court of Justice forced the United States and the European Union to scramble to create the replacement Privacy Shield, which requires that companies have agreements with third party contractors with whom they share data. A recent update to HIPAA, the Health Insurance Portability and Accountability Act, similarly requires companies to rewrite contracts with third party contractors.

    Know Thyself: Timeless Advice for Cutting-Edge Data Security Risks
    Stroz Friedberg Blog, October 12, 2016

    Paul Schwartz, co-director of the Berkeley Center for Law and Technology and the Jefferson E. Peyser Professor at the University of California, Berkeley, School of Law, spoke with James Aquilina and Daniel Solove about cutting-edge data security risks. Aquilina is the Senior Executive Managing Director at Stroz Friedberg and Solove is the John Marshall Harlan Research Professor at the George Washington University Law School. Modern day risks discussed include insider threats to intellectual property, managing information security across third-parties, and reliance on the Cloud and other new technologies. Insider risk in particular is an important focus for new technology.

    Kanye West may have broken the law by recording call with Taylor Swift
    The Guardian, July 18, 2016, by Sam Levin

    Music star Kanye West may have broken California law by secretly recording a phone call with pop star Taylor Swift. California law requires “two-party consent,” meaning that it is a crime to record any form of communication without the consent of all involved parties. West could thus be facing both civil and criminal liability if it turns out that he secretly recorded the call. While criminal prosecution is unlikely, Swift could bring a tort claim for damage to her reputation. As explained by Professor Paul Schwartz, co-director of the Berkeley Center for Law and Technology and a professor at the University of California, Berkeley, School of Law, Swift could also bring a tort claim based on West’s “public disclosure of private facts.”

    Scope of EU Privacy Law Has Companies Scrambling to Comply
    Law360, April 20, 2016, by Allison Grande

    Last week the European Parliament approved the proposed general data protection regulation, or GPDR, which will supplant Europe’s current data protection framework. The GDPR is a uniform regime that increases restrictions and provides national privacy regulators with the authority to fine companies up to either 4 percent of a company’s annual global revenue or $22.2 million. Because the regulation increases the burden on multinational companies, most businesses will have to establish new guidelines for working with EU customers. As explained by Professor Paul Schwartz, a special adviser at Paul Hastings LLP and a professor at the University of California, Berkeley, School of Law, “To some extent, U.S. companies welcome the GDPR because they feel that it offers greater harmonization, but there are national differences and differences between the various national data protection authorities that are not going to go away.”

    EU Privacy Pushback Prompts Lawyers to Look for Plan B
    The Recorder, April 13, 2016 by Ben Hancock

    On April 13th the Article 29 Working Party, composed of Europe’s data protection regulators, sharply criticized the draft US-EU “Privacy Shield” framework as insufficient to uphold EU law and limit the collection of data by US companies. As a result, attorneys may advise clients to employ different mechanisms to abide by EU law. Although the working party’s opinion is non-binding on the European Commission, it has important political ramifications ahead of decisions by EU member states on whether to approve the deal. As explained by Paul Schwartz, a Special Advisor at Paul Hastings LLP and a professor at the University of California, Berkeley, School of Law, the opinion “puts down a marker” by which the EU Court of Justice can evaluate the new framework.

    Feds Lose Leverage With Breakthrough in Apple Phone Fight
    Law360, March 30, 2016, by Allison Grande

    Despite the FBI’s insistence that it needed Apple’s help to unlock an iPhone used by one of the suspects in the San Bernardino shooting, the government has now confirmed that it found a way to break into the phone without Apple’s assistance. While this particular fight may be over, the outcome may weaken the government’s argument in future disputes that it requires assistance from a third party technology company. In addition, the publicity surrounding the debate will likely incentive these companies to further bolster their security. As explained by Professor Paul Schwartz, a Special Advisor at Paul Hastings LLP and a professor at the University of California, Berkeley, School of Law, “A takeaway for Internet service providers and tech companies is that the government is going to be coming for us, so we need to continue to make our protections even stronger.”

    Apple Peels Away At DOJ Bid To Unlock Phones With NY Win
    Law360, March 1, 2016 by Allison Grande

    U.S. Magistrate Judge Judge James Ornstein ruled on Monday that Apple does not have to help the government unlock a drug dealer’s iPhone. The New York order undermines the government’s position in a separate California case, in which prosecutors are arguing that their request for access to the suspected San Bernardino shooter’s phone is an isolated incident. As explained by Paul Schwartz, a Special Advisor at Paul Hastings LLP and a professor at the University of California, Berkeley, School of Law, “While the New York order is not directly binding outside this particular case, it does boost Apple because it undercuts the government’s argument that what is being requested in the San Bernardino case is minimal and unique by showing that these types of requests are being made all over the country.”

    Lawyers Anticipate More Teeth in New Data-Transfer Pact
    The Recorder, February 3, 2016, by David Ruiz

    Paul Hastings special adviser Paul Schwartz, a law professor at UC-Berkeley, said the proposed Privacy Shield, when taken together with another soon to be adopted data-privacy regulation, signals a new mode of thinking for European enforcement. That law, the General Data Protection Regulation, exposes companies to high fines for violations. According to the new law, a company could be fined either 2 million euros or 4 percent of their global revenue for infractions. For Alphabet, Google’s new corporate parent, a 4 percent fine could approach $3 billion based on the earnings figures it posted Feb. 1. “If that’s their new model,” Schwartz said, “people are going to have to take this much more seriously.”

    VW Refuses to Give American States Documents in Emissions Inquiries
    The New York Times, January 8, 2016 by Danny Hakim and Jack Ewing

    Volkswagen has refused to give emails or other executive communications to attorneys general in the United States on the basis of German privacy laws. The delay is impeding American investigators trying to determine the extent of the company’s emissions-cheating scandal. Germany has stricter privacy laws than the United States, including its Federal Data Protection Act, which limits access to data, particularly outside the European Union. “In the E.U., data protection is a fundamental right that is in the European Charter,” said Paul M. Schwartz, a law professor at the University of California, Berkeley and co-director of its Center for Law & Technology. The German federal constitutional court has also identified a right to “informational self-determination,” he said. Such laws are “real obstacles,” he said, adding, “Europeans really take privacy seriously.”

    Privacy and Cybersecurity Laws Becoming Ever More Complex
    Daily Journal, December 30, 2015, by Joshua Sebold

    2015 brought an increase in both the influence and complexity of privacy and cybersecurity law. While the Safe Harbor decision created confusion abroad, the national regulatory picture became a little clearer. The Federal Communications Commission took steps to establish itself as a privacy regulator alongside the Federal Trade Commission. Paul M. Schwartz, a law professor and director of the Berkeley Center for Law and Technology, said the FCC actually established itself as a more aggressive regulator than the FTC, even though it has a shorter track record addressing privacy issues. “The FCC has already announced greater fines over the last two years than the FTC has done in however many years,” he said, pointing specifically to a $25 million settlement that AT&T Inc. agreed to in April.

    BCLT Faculty Directors Tapped for Leading Roles on American Law Institute Projects
    Berkeley Law Transcript Magazine, Spring 2015, by Ben Peterson

    Professor Paul Schwartz is leading one of the American Law Institute’s signature initiatives as co-reporter of the Principles of the Law, Data Privacy project. Schwartz and his colleagues have crafted a set of fourteen principles to help manage the “risks and rewards” of information privacy in the 21st century. The position gives Schwartz the opportunity to take the lead role in bringing “greater order and consistency” to privacy law, a field “that now interests everyone.”

    Cybercrime Keeps Banking Fraud Attorneys Busy
    Daily Journal, March 20, 2015, by Joshua Sebold

    Paul Schwartz, co-director of the Berkeley Center for Law & Technology and a special adviser to Paul Hastings LLP, discussed how the increasing rate of cybercrime aimed at banks is creating an uptick in business for attorneys who advise financial institutions on their online fraud prevention programs. Inadequate security protocols in financial services apps can lead to major liability for both technology companies and the financial institutions who work with them. Schwartz noted, “there’s all kinds of increasing regulation where the government has said ‘part of your job is to monitor your vendors very carefully and find out if they’re holding up their obligations to protect security.'”

    Privacy Conference Brings Berkeley Law Scholarship to Silicon Valley 

    Berkeley Law School, March 9, 2015, by Leslie Gordon

    For the fourth consecutive year, Berkeley Law’s privacy and data security experts will travel to the heart of Silicon Valley to discuss the field’s most pressing issues with practitioners and policymakers… According to BCLT co-director Paul Schwartz, there’s a “huge thirst” among both policymakers and technology companies to learn more about the law school’s privacy scholarship because “we have the world’s best concentration of privacy experts here.”


    return to top of page


    Jules Cohen & Paul Schwartz, D.C., January 5, 2012

    Microsoft Innovation & Policy Center, D.C, January 5, 2012

    Spiros Simitis & Paul Schwartz,
    4th Annual Privacy Lecture, Berkeley, April 5, 2010

    return to top of page