Author: Daniel Solove
Posts by Daniel Solove
A Guide to Grading Exams
This post is a reprise of a post I wrote many years ago that has remained popular. I thought I’d repost it now, during exam grading season, to help professors who want to learn the science and art of grading exams. It’s that time of year again. Students have taken their finals, and now […]
Ransomware The Horror Grows
As the FBI warned, ransomware has proven to be a formidable threat costing businesses over $1 billion in 2016, averaging 4,000 attacks per day. Ransomware forces victims to choose between losing access to their files or paying a fee that can range between hundreds and thousands of dollars. Ransomware has already made headlines in the first […]
The U.S. Congress Is Not the Leader in Privacy or Data Security Law
A common myth is that the U.S. Congress is a leader in creating privacy and data security law. But this has not been true for quite some time. Congress isn’t leading, and even the policies and practices of US companies are increasingly built around the law of the European Union (EU) or the states. In […]
Congress’s Attempt to Repeal the FCC Internet Privacy Rules: The Void Will Be Filled
Recently, Congress voted to overturn new FCC rules that regulated the privacy of broadband Internet Service Providers (ISPs). The rules implemented the Communications Act, 47 U.S.C. § 222 to ISPs, requiring opt in for sharing sensitive customer data, opt out for sharing non-sensitive customer data, as well as transparency requirements. Sensitive data includes precise geo-location, children’s […]
2017 HIPAA Enforcement
The first quarter of 2017 is not yet over and the OCR has already released details of four HIPAA enforcement penalties totaling over $11 million. 2016 set a record with $20 million in fines for the year, with $5.2 million of that coming in the first quarter. In just the first 2 months of […]
Cartoon About Connected Devices
This cartoon depicts the potential future of the Internet of Things. As more and more devices are connected to the Internet, including ones implanted in people’s bodies, increasing thought must be given to the privacy and security implications. The speed of technological development is moving at a far greater pace than the speed of policy […]
Phishing Cartoon: Signs of a Phishing Scam
Misspelled words and bad grammar are tell-tale signs of phishing. Why don’t phishers learn spelling and grammar? Can’t they afford a copy of Strunk and White? Phishers don’t need to spell better because their poorly-written schemes still fool enough people. It’s just math for the phishers — a numbers game. If you handle IT […]
Privacy Cartoon: Privacy Budget vs. Security Budget
My cartoon depicts the discrepancy in the security and privacy budgets at many organizations. Of course, the cartoon is an exaggeration. In an IAPP survey of Chief Privacy Officers at Fortune 1000 companies in 2014, privacy budgets were nearly half of what security budgets were. That’s actually better for privacy than many might expect. […]
Lessons from 2016, the Biggest HIPAA Enforcement Year on Record
Time to call the Guinness Book of World Records because HHS has set a new world record in HIPAA enforcement. 2016 saw a considerable increase in HIPAA enforcement resolution agreements and monetary penalties. At the end of 2016, the OCR logged over $20 million in fines for HIPAA violations from 15 enforcement actions with monetary […]