PRIVACY + SECURITY BLOG

News, Developments, and Insights

Cartoon: The Privacy Paradox

This cartoon is about the “privacy paradox” — the phenomenon where people say that they value privacy highly, yet in their behavior relinquish their personal data for very little in exchange or fail to use measures to protect their privacy. I recently wrote an article about the privacy paradox: The Myth of the Privacy Paradox, […]

Cartoon: GDPR Lawful Basis

This cartoon is about the GDPR’s lawful basis requirement to process personal data. One of the biggest differences between U.S. and EU privacy law is that in the U.S., organizations can collect and use personal data in nearly any way they choose as long as they state what they are doing in their privacy notice […]

A Terrifying New Dimension of Ransomware

Ransomware has long been a scourge. Since at least 2012, ransomware has grown dramatically. Ransoms have increased — the average ransom payout is now more than $40,000.   Organizations most hit are public sector, software services, professional services, and healthcare.  Healthcare, in particular, is a soft target because of the need to get systems back and […]

Top 10 Privacy Law Developments of the Decade 2010-2019

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one […]

What Should Privacy Awareness Training Include?

Privacy awareness training educates an organization’s workforce about the way that the organization protects privacy and the workforce’s role in this endeavor. In this post, I explain what privacy awareness training should include. Privacy awareness training typically covers the following things: