This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR. In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA). And, there will be a new referendum on privacy law in California next year — CCPA 2.0. There’s a flurry of legislative […]
Category: Cartoons
Posts containing Cartoons by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Cartoon: Cookies and the GDPR
This cartoon depicts how, after the GDPR, countless websites have cookie notices and require agreeing to accept cookies. I find these cookie notices to be form over substance. These notices are virtually meaningless and don’t help consumers. They are a nuisance. They give privacy a bad name because people start to think that privacy is […]
HIPAA Cartoon: HIPAA as an Excuse
This cartoon depicts something that happens far too often with HIPAA — HIPAA is used as an excuse not to do something (such as make disclosures or provide access to records in ways that patients request) even though HIPAA doesn’t have such a restriction. This is often done out of a lack of knowledge about […]
Cartoon on Data Breach
This cartoon is about evolution of data breaches, which began to grab headlines back in 2005, thanks in large part to California’s data breach notification law — the first of such laws. Since that time, every state has passed breach notification laws, and there are breach notification laws sprouting up around the world. Every day, […]
Cartoon: Data Subject Access Requests Under the CCPA and GDPR
This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs). The GDPR Article 15 provides for DSARs. The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months. For more background about […]
Cartoon: Data Minimization
This privacy cartoon is about data minimization, a principle embodied in many privacy laws. Under the data minimization principle, organizations are to collect, process, or share only the minimum necessary personal data to achieve their purpose. There’s a lot of hat tipping to data minimization, but this principle is often not followed enough. Far too […]
Cartoon: The CCPA, a Federal Comprehensive Privacy Law, and Preemption
For years, many policymakers, industry representatives, and commentators were opposed to a comprehensive federal privacy law. They typical federalism arguments were often trotted out. Then, in 2018, California passed the California Consumer Privacy Act (CCPA). Now, there seems to be a chorus for a comprehensive federal privacy law with preemption. I’ll be posting soon about […]
Cartoon: Data Breach Notification
This cartoon is about data breach notification. All 50 states plus the District of Columbia and Puerto Rico now have data breach notification laws, and breach notification laws are spreading around the globe. And, as is often said in data security, it’s not whether a breach will happen, but when . . .
Cartoon: Artificial Intelligence
This cartoon about artificial intelligence is based on something I often hear — that it is impossible to understand how certain decisions are made by certain algorithms. I wonder whether this problem is due to the fact that not enough effort is being devoted to addressing ethical issues such as the transparency of the decisionmaking […]
Cartoon: Halloween in the Age of Big Data
Happy Halloween! I hope you enjoy this privacy cartoon about Halloween and Big Data.