This cartoon is about the GDPR’s lawful basis requirement to process personal data. One of the biggest differences between U.S. and EU privacy law is that in the U.S., organizations can collect and use personal data in nearly any way they choose as long as they state what they are doing in their privacy notice […]
I have posted to SSRN a copy of my latest draft article, The Myth of the Privacy Paradox. It’s available for download for free. Here’s the abstract:
This cartoon is about new technology and privacy. With each new technology, there have been outcries that privacy will be lost forever. A while ago, I wrote a post collecting headlines and book covers that proclaimed “the death of privacy” throughout the ages. Despite being under constant threat, privacy has somehow has managed to survive. […]
For Data Privacy Day, here’s a cartoon about the history of privacy. A constant stream of articles and books proclaim that privacy is dead. But people have been saying that privacy is dead for quite some time. This is either the longest death scene in history, or privacy isn’t dying.
Ransomware has long been a scourge. Since at least 2012, ransomware has grown dramatically. Ransoms have increased — the average ransom payout is now more than $40,000. Organizations most hit are public sector, software services, professional services, and healthcare. Healthcare, in particular, is a soft target because of the need to get systems back and […]
I am pleased to announce that Professor Paul Schwartz and I have released new supplemental materials for our INFORMATION PRIVACY LAW casebooks: (1) edited version of Carpenter v. US (2) overview of the CCPA + state biometric privacy laws
Updated on March 27, 2020 — The California AG came out with a modified modified draft of the CCPA regulation on March 11, 2020. Most notably, a few of the changes in the February 7 draft were walked back. I will discuss the details below. On Friday, February 7, 2020, the California AG dropped a […]
Here are some of highlights of my privacy training, writing, resources, and humor from 2019.
I am pleased to announce my new CCPA FAQ that covers all the key details of the California Consumer Protection Act.
Privacy awareness training educates an organization’s workforce about the way that the organization protects privacy and the workforce’s role in this endeavor. In this post, I explain what privacy awareness training should include. Privacy awareness training typically covers the following things: