PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

New Supplemental Materials for INFORMATION PRIVACY LAW Casebooks


I am pleased to announce that Professor Paul Schwartz and I have released new supplemental materials for our INFORMATION PRIVACY LAW casebooks:

(1) edited version of Carpenter v. US

(2) overview of the CCPA + state biometric privacy laws

Continue Reading

Top 10 Privacy Law Developments of the Decade 2010-2019

Top 10 Privacy Law Developments of the Decade 2010-2019 02

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments.

NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one is situated.  For example, if one is from a small country, that country’s developments are quite notable even if not well-known on a worldwide stage.

Continue Reading

Cartoon: The Travails of CCPA Compliance

Cartoon CCPA Sisyphus 04

This cartoon depicts the travails of complying with the CCPA as it rapidly evolves.  The CCPA originated when a referendum regarding consumer privacy rights was scheduled to be on the ballot in November 2018.  Alastair Mactaggart, the referendum’s sponsor, offered to withdraw it if California passed a law.  So, in the summer of 2018, the California legislature passed the CCPA in an all-out dash to beat the deadline for the referendum’s withdrawal

Businesses scrambled to get ready to comply for the CCPA’s effective date – January 2020.  Being ready to comply with the CCPA requires quite a lot of work.  Further complicating compliance, the CCPA is riddled with ambiguities and difficult tradeoffs between privacy and data security.

Continue Reading

Cartoon: Multi-Jurisdictional Privacy Law Compliance

Cartoon Multi-Jurisdictional Privacy Law Compliance Poodle - TeachPrivacy CCPA Training 02 small

This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR.  In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA).  And, there will be a new referendum on privacy law in California next year — CCPA 2.0.  There’s a flurry of legislative activity in the states on privacy — IAPP has a great chart tracking what is going on.  And, each year, more and more countries are passing new comprehensive privacy laws.

We are witnessing the growing pains of privacy law.  Privacy wasn’t adequately regulated for too long, and now the concerns are festering, sparking a rush to action. In the US, state legislation on privacy will continue until the concerns are allayed.  A thoughtful and powerful federal law could weaken the enthusiasm for states to jump into the fray, but this is a challenge with Congress as polarized as it is.

For more on the issue, I recently interviewed K Royal on this topic – see here for the interview.

Continue Reading