PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

GDPR Training, Writings, and Resources: Roundup from the Past Year

General Data Protection Regulation - GDPR - Training Resources by Prof. Daniel Solove

The General Data Protection Regulation (GDPR) is one of the world’s strictest data privacy laws and requires privacy professionals around the globe to design and implement comprehensive compliance programs.  In the past year, I developed a series of resources and training courses to assist privacy professionals with this complex task.   GDPR Whiteboard 200+ pages of […]

The Hidden Force That Will Drive GDPR Privacy Compliance

GDPR Compliance

  The clock is ticking on getting ready to comply with the EU General Data Protection Regulation (GDPR). EU regulators will start enforcing it on May 25, 2018. GDPR is less than a year away, and it’s quite a challenge to get ready for. Becoming compliant is not something that can be achieved overnight, or in a […]

Student Privacy in Peril: Massive Data Gathering With Inadequate Privacy and Security

TeachPrivacy Ad Privacy Training Security Training 01

In October, personal financial data — including social security numbers, loan repayment histories and bank-routing numbers – of thousands of college students was exposed on the Department of Education’s (ED) direct loan website. For seven minutes, anyone surfing the direct loan website could find personal information about students who had borrowed from the Department of […]

Education Privacy in Peril

Education Privacy

I have been spending a lot of time examining education privacy lately, and there are some very troubling things going on in this field.   At a general level, schools lack much sophistication in how they handle privacy issues.  Other industry sectors that handle sensitive personal data have Chief Privacy Officers and a comprehensive privacy program.  […]

Are People Really Harmed By a Data Breach?

Data Breach

“It’s just a flesh wound.” — Monty Python and the Holy Grail Over at Privacy & Security Source, Andrew Serwin, a leading privacy lawyer and author of an excellent treatise on privacy law, has a very thoughtful and informative post [link no longer available] about cases where courts found no harm to individuals by data […]

Family Privacy Rights in Death-Scene Images of the Deceased

Death Scene Photos and Privacy

In Newsweek, Jessica Bennett tells the tragic story about a family being harassed by the spread of death-scene images of their daughter, who was killed in an automobile accident. The photos of Nikki Catsouras were particularly gruesome — Nikki was decapitated in the crash. According to the article, soon after the crash, photos taken by […]