By Daniel J. Solove Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka. Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.” After the Paris attacks, national security proponents in the US and abroad have been […]
Category: Data Security
Posts about Data Security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Ransomware’s Dilemma: Pay It or Not?
Ransomware is one of the most frightening scourges to hit the Internet. Ransomware is a form of malware (malicious code) that encrypts a person’s files and demands a ransom payment to decrypt them. If the money isn’t paid, the encryption keys are destroyed, and the data is lost forever. Ransomware began to emerge in 2009, […]
Does Cybersecurity Law Work Well? An Interview with Ed McNicholas
“The US is developing a law of cybersecurity that is incoherent and unduly complex,” says Ed McNicholas, one of the foremost experts on cybersecurity law. McNicholas is a partner at Sidley Austin LLP and co-editor of the newly-published treatise, Cybersecurity: A Practical Guide to the Law of Cyber Risk (with co-editor Vivek K. Mohan). The […]
K-12 Schools Must Teach Data Privacy and Security
By Daniel J. Solove It is essential that children learn about data privacy and security. Their lives will be fully enveloped by technologies that involve data. But far too little about these topics is currently taught in most schools. Fortunately, there is a solution, one that I’m proud to have been involved in creating. The […]
Great Fictional Works About Privacy and Security
By Daniel J. Solove At my annual event, the Privacy+Security Forum, which was held last month, one of the sessions involved privacy and security in fiction. The panelists had some terrific readings suggestions, and I thought I’d share with you the write-up that they generated for their session. The speakers were: Peter Winn, Assistant U.S. […]
The Growing Problems with the Sectoral Approach to Privacy Law
By Daniel J. Solove The US regulates privacy with a sectoral approach, with laws that are directed only to specific industries. In contrast, the EU and many other countries have an omnibus approach — one overarching law that regulates privacy consistently across all industries. The US is an outlier from the way most countries regulate […]
Alan Westin’s Privacy and Freedom
I am pleased to announce that Alan Westin’s classic work, Privacy and Freedom, is now back in print. Originally published in 1967, Privacy and Freedom had an enormous influence in shaping the discourse on privacy in the 1970s and beyond, when the Fair Information Practice Principles (FIPPs) were developed. The book contains a short introduction […]
Privacy+Security Forum Chart of Session Times + Speakers
I’m very excited that the 1st annual Privacy + Security Forum (Oct. 21-23 in Washington, DC) is finally beginning! We have about 190 speakers and 60+ sessions. Session Descriptions: Session Descriptions Guide [link no longer available] Readings: Readings for each session are on our schedule page [link no longer available] Session Times and Location: Session […]
Sunken Safe Harbor: 5 Implications of Schrems and US-EU Data Transfer
By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release] [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]
Phishing Your Employees: 3 Essential Tips
A popular way some organizations are raising awareness about phishing is by engaging in simulated phishing exercises of their workforce. Such simulated phishing can be beneficial, but there are some potential pitfalls and also important things to do to ensure that it is effective. 1. Be careful about data collection and discipline Think about the data […]