PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Digital Dossiers and the Aggregation Effect

Digital Person 03

This year is the 20th anniversary of my first book, The Digital Person: Technology and Privacy In the Information Age (NYU Press 2004) (Amazon) (free digital copy on SSRN). I thought that it would be a great opportunity to engage in a reflection on some of the points I discussed in the book.  Apologies for […]

Against Privacy Essentialism – My Response to Angel and Calo’s Critique of My Theory of Privacy

Against Privacy Essentialism - Solove Response to Angel and Calo 03

What is “privacy”? The concept of privacy has been elusive to define, but I developed a theory for understanding privacy about 20 years ago. Maria Angel and Ryan Calo recently published a formidable critique of my theory of privacy: Maria P. Angel and Ryan Calo, Distinguishing Privacy Law: A Critique of Privacy as Social Taxonomy, […]

Are Many Privacy Violations Also Data Breaches?

Privacy and Security

Data breaches and privacy violations have long been thought of as different things, but actually, there is a lot of overlap. Two recent FTC cases address this issue. These cases involve the Health Breach Notification Rule, 16 CFR Part 318, which covers health data breaches beyond HIPAA. The Rule had long existed, but the FTC […]

The Prediction Society: Algorithms and the Problems of Forecasting the Future

The Prediction Society - Algorithms and the Problems of Forecasting the Future 02

I am excited to share my new paper draft with Hideyuki (“Yuki”) Matsumi, The Prediction Society: Algorithms and the Problems of Forecasting the Future.  The paper is available for free on SSRN. Yuki is currently pursuing a PhD at Vrije Universiteit Brussel. Yuki began his career as a technologist, then turned to law, where he […]

Cybersecurity and Data Security: What Every Lawyer Should Know

Cybersecurity and Data Security Speakers What Every Lawyer Should Know

I was recently on a terrific panel called Cybersecurity and Data Security: What Every Lawyer Should Know held by Penn State Dickinson Law.  The program focused on the latest developments in cybersecurity and data privacy. The panel was moderated by Professor Daryl Lim, H. Laddie Montague Jr. Chair in Law at Penn St. Dickinson Law. […]

Lawsuits for Wrongful Data Collection – Biometric Data and Beyond: An Interview with Katherine Heaton and Amanda Thai

Powered by recent privacy laws, lawsuits for wrongful data collection have been rapidly increasing. The result is a growing body of caselaw, many unanswered questions, and a new landscape for companies to navigate. I recently had the opportunity to discuss the expanding number of wrongful collection lawsuits with several experts at Beazley. Based in Denver, Katherine […]

Restoring the CDA Section 230 to What It Actually Says

CDA 230 02

When Donald Trump targeted the Communications Decency Act (CDA) Section 230, a debate about the law flared up.  Numerous reforms were proposed, some even seeking to abolish the law.  Unfortunately, the debate has been clouded with confusion and misinformation. Although I disagree with many of the proposals to reform it or abolish Section 230, I […]

The Deal with Data Rights: An Interview with Heather Federman

Numerous privacy laws are requiring that companies provide individuals with data rights — rights to access their data, correct their data, learn about uses of their data, delete their data, and more. Administering these rights can be quite complicated for organizations.