A recent case involving the Illinois Biometric Information Privacy Act (BIPA), Rivera v Google (N.D. Ill. No. 16 C 02714, Dec. 28, 2018), puts the ills of Spokeo Inc. v. Robins on full display. In Rivera, plaintiffs sued Google under BIPA, which prohibits companies from collecting and storing specific types of biometric data without people’s consent. The plaintiffs alleged that Google […]
I’m pleased to announce that there is a newly-created archive of all of my notable privacy+security books posts – for years 2008-present. Together, there are probably about 100 books featured. The past decade has seen a tremendous abundance of scholarship on privacy and security topics, and there are some truly essential books discussed in these […]
It is sad to say goodbye to ConcurringOpinions.com, a law professor blog I co-founded in 2005. The blog began when a group of us (Dave Hoffman, Kaimi Wenger, Nate Oman, and me) who were blogging at PrawfsBlawg decided we wanted more autonomy in blog governance, so we founded Concurring Opinions. Over the years, we added […]
Much Internet traffic is not human. According to the NY Times: How much of the internet is fake? Studies generally suggest that, year after year, less than 60 percent of web traffic is human; some years, according to some researchers, a healthy majority of it is bot. For a period of time in 2013, the Times reported this […]
Move over robocop, there’s a new constable in town — the robocall cop. In the past decade, robocalls have surged. There has also been a dramatic rise in litigation about these calls under the Telephone Consumer Protection Act (TCPA). The TCPA litigation is led by a small group of serial litigators, people who have assumed the […]
Here are some notable books on privacy and security from 2018. To see a more comprehensive list of nonfiction works about privacy and security, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.
Pagosa Springs Medical Center (PSMC) has agreed to pay $111,400 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) for an alleged violation of HIPAA. OCR found that the company failed to deactivate a former employee’s access to a web-based calendar that contained the protected health information […]
On December 4, 2018, New York Attorney General Barbara D. Underwood announced a $4.95 million settlement with Oath, Inc. (formerly known as AOL), for violating the Children’s Online Privacy Protection Act (COPPA). This is the largest penalty in a COPPA enforcement case in U.S. history.
Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) for an alleged violation of HIPAA. OCR found that the company shared protected health information (PHI) with an unknown vendor without a business associate agreement (BAA). According to […]
12/13/18 Update: Here is the video from the session described below. On Wednesday, December 12, 2018, I’ll be speaking at the Data Security hearing, part of the FTC Hearings on Competition and Consumer Protection in the 21st Century. My panel begins at 1:00 PM: The U.S. Approach to Consumer Data Security Wednesday, December 12, 2018 from […]