PRIVACY + SECURITY BLOG

News, Developments, and Insights


Privacy Law Fundamentals

I’m pleased to announce that a new 4th edition of my short guide, PRIVACY LAW FUNDAMENTALS  (IAPP 2017)  (co-authored with Professor Paul Schwartz) is now out in print.  This edition incorporates extensive developments in privacy law and includes an introductory chapter summarizing key new laws, cases and enforcement actions.

Privacy Law Fundamentals is designed with an accessible, portable format to deliver vital information in a concise (318 pages) and digestible manner. It includes key provisions of privacy statutes; leading cases; tables summarizing the statutes (private rights of action, preemption, liquidated damages, etc.); summaries of key state privacy laws; and an overview of FTC, FCC, and HHS enforcement actions.

“This is the essential primer for all privacy practitioners.” — David A. Hoffman, Intel Corp.

“In our fast-paced practice, there’s nothing better than a compact and accessible work that is curated by two of the great thinkers of the field.  It is a gem.” — Kurt Wimmer, Covington & Burling LLP

“Two giants of privacy scholarship succeed in distilling their legal expertise into an essential guide for a broad range of the privacy community.” — Jules Polonetsky, Future of Privacy Forum

“This book is my go-to reference for when I need quick, accurate information on privacy laws across sectors and jurisdictions.” — Nuala O’Connor, Center for Democracy and Technology

You can get a copy at IAPP’s bookstore or at Amazon.  For general information about this book as well as all my textbooks and useful resources, visit our Information Privacy Law textbook website.

The full table of contents is below:

CHAPTER 1: NEW DEVELOPMENTS

CHAPTER 2: AN OVERVIEW OF PRIVACY LAW

ESSENTIAL POINTS

TYPES OF PRIVACY LAW

Torts
Torts Most Commonly Involved In Privacy Cases
Origins of The Privacy Torts
Contract/Promissory Estoppel
Criminal Law
Evidentiary Privileges
Federal Constitutional Law
Ways the U.S. Constitution Protects Privacy
State Constitutional Law
States With Express Constitutional Privacy Protection
Federal Statutory Law
State Statutory Law
Areas of State Legislation on Privacy
International Law

THE CHIEF PRIVACY OFFICER

The Development of Privacy Law: A Timeline

FOR FURTHER REFERENCE

Treatises
General Sources

CHAPTER 3: PRIVACY AND THE MEDIA

ESSENTIAL POINTS

THE PRIVACY TORTS

Public Disclosure of Private Facts
Approaches to the Newsworthiness Test
Intrusion Upon Seclusion
What Constitutes A Privacy Interest?
Highly Offensive To A Reasonable Person
False Light
Appropriation of Name or Likeness

OTHER TORTS

Intentional Infliction of Emotional Distress
Breach of Confidentiality
Public Disclosure Tort vs. Breach Of Confidentiality Tort

OTHER PRIVACY LAWS OF NOTE

Video Voyeurism Prevention Act (VVPA), 18 U.S.C. § 1801 (2004)
State Video Voyeurism Statutes
Blackmail Laws
California Anti-Paparazzi Act, Cal Civ. Code § 1708.8
Revenge Porn Statutes

DEFAMATION LAW

Libel and Slander
First Amendment Restrictions
Actual Malice
Public vs. Private Figures
Defamation: Fault Standards
Communications Decency Act (CDA)

FIRST AMENDMENT 

THE FIRST AMENDMENT AND TORTS 

Public Disclosure of Private Facts
Intrusion Upon Seclusion
False Light
Appropriation of Name or Likeness
Intentional Infliction of Emotional Distress
Breach of Confidentiality
Defamation Torts
Anti-SLAPP 

ANONYMOUS SPEECH 

Standards for Unmasking Anonymous Speakers

PRIVACY OF READING AND INTELLECTUAL EXPLORATION 

Reporter’s Privilege 

FOR FURTHER REFERENCE

Treatises
Books
Articles and Other Sources

CHAPTER 4: PRIVACY AND LAW ENFORCEMENT

ESSENTIAL POINTS

FOURTH AMENDMENT

The Fourth Amendment to the U.S. Constitution
    How the Fourth Amendment Works
Key Fourth Amendment Doctrines
Fourth Amendment Reasonable Expectation Of Privacy
Exceptions to the Warrant and Probable Cause Requirements

ELECTRONIC COMMUNICATIONS

Electronic Communications Privacy Act of 1986 (ECPA)
Types of Communications in ECPA
Wiretap Act
Stored Communications Act (SCA)
Pen Register Act
Key Facts About ECPA
The Fourth Amendment vs. Electronic Surveillance Law
Communications Assistance for Law Enforcement Act of 1994 (CALEA)
Drones
Registration and Marking Requirements for Small Unmanned Aircraft

STATE ELECTRONIC SURVEILLANCE LAW

Recording Police Encounters
State Electronic Surveillance Law

GOVERNMENT ACCESS TO PERSONAL DATA

Fourth Amendment: Third-Party Doctrine
Bank Secrecy Act of 1970
Right to Financial Privacy Act of 1978 (RFPA)
Subpoenas
Federal Statutory Provisions for Government Access to Records

SEARCHES AND SEIZURES OF MEDIA DOCUMENTS

Privacy Protection Act of 1980 (PPA)

FOR FURTHER REFERENCE

Treatises
Books
Articles and Other Sources

CHAPTER 5: NATIONAL SECURITY AND FOREIGN INTELLIGENCE

ESSENTIAL POINTS

THE FOURTH AMENDMENT

FOREIGN INTELLIGENCE GATHERING

Foreign Intelligence Surveillance Act of 1978 (FISA)
USA Freedom Act of 2015

GOVERNMENT ACCESS TO PERSONAL DATA FOR NATIONAL SECURITY PURPOSES

National Security Letters (NSLs)
USA Patriot Act of 2001, § 215

STATE SECRETS

THE INTELLIGENCE COMMUNITY

Intelligence Agencies
Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA)

FOR FURTHER REFERENCE

Treatises
Books
Government Reports
Articles and Other Sources

CHAPTER 6: HEALTH PRIVACY

ESSENTIAL POINTS

PATIENT-PHYSICIAN CONFIDENTIALITY

Ethical Rules
Evidentiary Privileges
The Breach of Confidentiality Tort
Public Disclosure of Private Facts
Key Points: Common Law Torts and Medical Information
Tort Liability for Failing to Disclose Personal Data

MEDICAL INFORMATION

State Regulation
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
    De-Identifying Data Under HIPAA
    Court Cases
    HIPAA Myths and Facts
HIPAA Problems to Avoid
    OCR HIPAA Enforcement Actions
State Enforcement Actions
The Common Rule
Federal Drug and Alcohol Confidentiality Statute
Subpoenas for Medical Information

CONSTITUTIONAL PROTECTIONS

Constitutional Right to Privacy
Constitutional Right to Information Privacy
Fourth Amendment

GENETIC INFORMATION

Genetic Testing and Discrimination

FOR FURTHER REFERENCE

Treatises
Books
Articles and Other Sources

CHAPTER 7: GOVERNMENT RECORDS

ESSENTIAL POINTS

FAIR INFORMATION PRACTICES (FIPs)

COURT RECORDS

Common Law Right to Access Court Records
Protective Orders
Depositions and Interrogatories
Pseudonymous Litigation
Juror Privacy
The First Amendment Right to Access

PUBLIC RECORDS

Freedom of Information Act (FOIA)
State Public Records
State Freedom of Information Statutes
The Constitution and Personal Data in Public Records
When Does the Constitution Limit the Government from Disclosing Personal Information?
Critical Infrastructure Information Act of 2002 (CIIA)

PRIVACY RIGHTS IN GOVERNMENT RECORDS

The Privacy Act of 1974
Establishing a Violation of the Privacy Act
State Privacy Acts
State Statutes Regulating Government Website Privacy Policies
DNA Databases
Driver’s Privacy Protection Act of 1994 (DPPA)
DPPA: Key Points
Identification Records and Requirements
Social Security Numbers

GOVERNMENT PRIVACY AND SECURITY MANAGEMENT

E-Government Act of 2002
Federal Information Security Management Act of 2002 (FISMA)
Office of Mgmt. & Budget

FOR FURTHER REFERENCE

Treatises
Books
Articles and Other Sources

CHAPTER 8: FINANCIAL DATA

ESSENTIAL POINTS

The Financial Services Industry
Fair Credit Reporting Act of 1970 (FCRA)
The Consumer Financial Protection Bureau
Credit Reporting Limits
FCRA: Keys to Compliance
FTC FCRA Enforcement Actions

THE USE AND DISCLOSURE OF FINANCIAL INFORMATION

Gramm-Leach-Bliley Act of 1999 (GLBA)
CFPB Enforcement Actions
Right to Financial Privacy Act of 1978 (RFPA)
Bank Secrecy Act of 1970 (BSA)
Torts and Financial Privacy
State Financial Statutes
California’s SB1 and FCRA Preemption

TAX PRIVACY

Internal Revenue Code

IDENTITY THEFT

Identity Theft Assumption and Deterrence Act of 1998
State Identity Theft Statutes

GOVERNMENT ACCESS TO FINANCIAL INFORMATION

FOR FURTHER REFERENCE

Treatises
Articles and Other Sources

CHAPTER 9: CONSUMER DATA

ESSENTIAL POINTS

PERSONALLY IDENTIFIABLE INFORMATION

Approaches to Defining PII
Injury and Standing
Standing

TORT LAW

CONTRACT AND PROMISSORY ESTOPPEL

Breach of Contract
Promissory Estoppel
Are Privacy Policies Contracts?
Liability for Third-Party Apps?

FTC ENFORCEMENT OF SECTION 5 OF THE FTC ACT

Statutes Granting Enforcement Authority to the FTC
Triggers for FTC Complaints
FTC Consent Decrees

CFPB ENFORCEMENT  

FEDERAL STATUTES: ENTERTAINMENT RECORDS

Cable Communications Policy Act of 1984 (CCPA)
Video Privacy Protection Act of 1988 (VPPA)
Video Privacy Protection Act Amendments Act of 2012

FEDERAL STATUTES: MARKETING

Telecommunications Act of 1996
Telephone Consumer Protection Act of 1991 (TCPA)
Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM)
FCC Enforcement
FCC, Privacy Guidelines for ISPs (2016)

FEDERAL STATUTES: INTERNET USE AND ELECTRONIC COMMUNICATIONS

Children’s Online Privacy Protection Act of 1998 (COPPA)
FTC COPPA Enforcement Actions
Complying with COPPA
How to Determine if a Website (or a Portion of It) Is Directed at Children
Electronic Communications Privacy Act of 1986 (ECPA)
Computer Fraud and Abuse Act (CFAA)
Is the CFAA Too Broad and Vague?

FEDERAL STATUTES: OVERVIEW

Scope of Federal Statute Coverage
Federal Statutes and Private Rights of Action
Federal Statutes and Liquidated Damages
Federal Statutes and Criminal Penalties
Federal Statutes: Enforcement
Federal Statutes and Preemption
Federal Statutes and Opt-In/Opt-Out

STATE STATUTES

Unfair and Deceptive Acts and Practices Acts (UDAP Acts)
Radio Frequency Identification (RFID)
State Statutes Regulating Private-Sector Use of RFID
“Eraser” or “Right to Be Forgotten” Laws
Marketing
Spyware
State Spyware Statutes
Video Privacy
Transparency

FIRST AMENDMENT

FOR FURTHER REFERENCE

Books
Articles and Other Sources

CHAPTER 10: DATA SECURITY

ESSENTIAL POINTS

DATA BREACH NOTIFICATION STATUTES

Rise of the State Statutes
State Data Security Breach Notification Statutes
State Data Security Breach Notification Laws Key
State Data Security Breach Notification Laws
PII Definitions In State Data Security Breach Notification Laws (Overview)
State Credit Freeze Statutes

FTC ENFORCEMENT UNDER SECTION 5 OF THE FTC ACT

CFPB ENFORCEMENT

FCC ENFORCEMENT  

TORT  

What Constitutes a Privacy Harm?

DATA DISPOSAL

State Data Disposal Statutes

FOR FURTHER REFERENCE

Treatises
Books
Articles and Other Sources

CHAPTER 11: EDUCATION PRIVACY

ESSENTIAL POINTS

STUDENT RECORDS

Family Educational Rights and Privacy Act of 1974 (FERPA)
Protection of Pupil Rights Amendment of 1978 (PPRA)
Every Student Succeeds Act (ESSA)
Individuals with Disabilities Education Act (IDEA)
National School Lunch Act (NSLA)
Jeanne Clery Disclosure of Campus Security Policy and Campus Crime Statistics Act (Clery Act)
Other Regulations
Gainful Employment Rule (2011)
Other Statutes

STATE LAWS

Student Data Collection, Use, and Disclosure
Social Media Account Access

STUDENT SPEECH AND EXPRESSION

State Anti-Bullying Laws

SEARCHES AND SURVEILLANCE

Fourth Amendment

SELF-REGULATORY MEASURES

Future of Privacy Forum, Student Data Privacy Pledge (2014)

FOR FURTHER REFERENCE

Treatises
Articles and Other Sources

CHAPTER 12: EMPLOYMENT PRIVACY

ESSENTIAL POINTS

SEARCHES

Government Employees: Fourth Amendment
Private Sector Employees: Fourth Amendment
Searches and Surveillance by Private-Sector Employers

QUESTIONING AND TESTING

Fourth Amendment
Constitutional Right to Information Privacy
Employee Polygraph Protection Act of 1988 (EPPA)
Americans with Disabilities Act of 1990 (ADA)
Occupational Safety and Health Act (OSHA)
Genetic Information Nondiscrimination Act of 2008 (GINA)
State Employment Testing and Inquiry Laws
State Criminal Background Check “Ban the Box” Laws

EMPLOYEE ACCESS TO THE COMPUTER NETWORK  

SURVEILLANCE AND MONITORING

Electronic Communications Privacy Act (ECPA)
What Every Employer Must Know to Comply with ECPA
Employment Privacy Law: Public VS. Private Sector

EMPLOYER SOCIAL MEDIA POLICIES AND PRACTICES

National Labor Relations Act (NLRA)
The NLRA and Social Media Policies
Employer Access to Employee Social Media Accounts

FOR FURTHER REFERENCE

Treatises
Articles and Other Sources

CHAPTER 13: INTERNATIONAL PRIVACY LAW

ESSENTIAL POINTS

Data Protection and Information Privacy: A Note on Terminology

WORLDWIDE PRIVACY RIGHTS AND GUIDELINES

Universal Declaration of Human Rights (1948)
OECD Privacy Guidelines (1980)
OECD Member Countries
The Influence of the OECD Guidelines
UN Guidelines for the Regulation of Computerized Personal Files (1990)

EUROPE

European Convention on Human Rights (ECHR)
Council of Europe Convention on Privacy
EU Data Protection Directive
A Leading German Case on Search Engines
The General Data Protection Regulation (GDPR)
The EU-US Privacy Shield Framework (2016)
Principles of the Privacy Shield
Other Safe Harbor Arrangements
Positive Adequacy Determinations by the EU Commission
Passenger Name Record (PNR) Agreements
Model Contractual Clauses
Binding Corporate Rules (BCRs)
Discovery from EU Member Nations in U.S. Litigation
Directive on Privacy and Electronic Communications (E-Privacy Directive)
EU Data Retention Directive
European Data Protection Supervisor (EDPS)

NORTH AMERICA

Canada
PIPEDA’s 10 Privacy Principles
Provincial Privacy Laws
Mexico

SOUTH AMERICA

Argentina
Habeas Data
Brazil

MIDDLE EAST

Dubai
Israel

ASIA

Japan
China
Hong Kong
Singapore
South Korea
India
Philippines

EUROPE, NON–EU COUNTRIES

Russia
Turkey

APEC

APEC Privacy Framework (2004)
APEC Privacy Framework’s Nine Principles
APEC Member Nations
APEC Cross Border Privacy Rules System
FTC Enforcement of the APEC Cross–Border Privacy Rules System

AUSTRALIA

Constitution
Australia’s 13 Privacy Principles (2014)

FOR FURTHER REFERENCE

Treatises and Books
Articles and Other Sources

 

The book is PRIVACY LAW FUNDAMENTALS  (IAPP 2017).

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics.  Professor Solove also posts at his blog at LinkedIn.  His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum (Oct. 4-7, 2017 in Washington, DC), an annual event that aims to bridge the silos between privacy and security.
