I had the great opportunity to interview Mahmood Sher-Jan about new developments in data incident response. Mahmood Sher-Jan, CHPC, is the Founder and CEO of RadarFirst, a company dedicated to applying innovation and software technology to address the growing data privacy and security challenges faced by organizations that maintain regulated personal data. He holds patents in incident management, fraud prevention, […]
I will be having a LinkedIn Live session on Tuesday, May 11, at 1 PM Eastern: Dark Patterns: A Conversation with Elena Elkina, Alexandra Ross, and Daniel Solove Tuesday, May 11 at 1 PM Eastern I’ll be speaking with: Elena Elkina Elena is a a co-founder of Aleada Consulting, a woman and minority owned privacy […]
I will be speaking on May 19th at 4:30pm EST at a virtual book reading of my children’s book, THE EYEMONGER. The event is hosted by the World Bank Data Privacy Office and the World Bank Group Family Network. How to Be a Privacy Superhero: Defeating Spooky Eyes and Internet Spies Virtual Book Reading of […]
On this podcast, Info Matters, I chat with Patricia Kosseim, Information and Privacy Commissioner (IPC) of Ontario, Canada about kids and privacy and my children’s book on privacy, THE EYEMONGER. Episode Summary: Parents, kids, teachers, this one’s for you! Explaining privacy in a way that kids can understand — concepts and tools you can use […]
In a recent case, the U.S. Court of Appeals for the 11th Circuit weighed in on an issue that has continued to confound courts: Is there an injury caused by a data breach when victims don’t immediately suffer financial fraud? I wrote on this issue in an article with Professor Danielle Citron in 2018, Risk and Anxiety: […]
The U.S. Court of Appeals for the 5th Circuit just issued a blistering attack on HIPAA enforcement by the U.S. Department of Health and Human Services (HHS). In University of Texas M.D. Anderson Cancer v. Department of Health and Human Services (No. 19-60226, Jan. 14, 2021), the 5th Circuit struck down a fine and enforcement […]
Here are some of highlights of my privacy training, writing, resources, and humor from 2020.
Numerous privacy laws are requiring that companies provide individuals with data rights — rights to access their data, correct their data, learn about uses of their data, delete their data, and more. Administering these rights can be quite complicated for organizations.
In Facebook Ireland Ltd. v. Maximillian Schrems (Schrems II) (July 16, 2020), the European Court of Justice (CJEU) invalidated the Privacy Shield, a widely-used method to transfer personal data from the EU to the US. The decision also put other data transfer mechanisms—Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCRs)—into significant doubt. The court’s concern was the deficiency of […]
Ransomware has long been a scourge, and it has been growing into a pandemic with no signs of slowing down. I recently had the opportunity to discuss ransomware with several experts at Beazley. Based in Chicago, Ken Suh is the focus group leader for cyber & tech claims at Beazley. Mark Singer is a cyber & tech […]