Posts about Data Security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Ransomware is one of the most frightening scourges to hit the Internet. Ransomware is a form of malware (malicious code) that encrypts a person’s files and demands a ransom payment to decrypt them. If the money isn’t paid, the encryption keys are destroyed, and the data is lost forever. Ransomware began to emerge in 2009, […]
By Daniel J. Solove Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka. Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.” After the Paris attacks, national security proponents in the US and abroad have been […]
“The US is developing a law of cybersecurity that is incoherent and unduly complex,” says Ed McNicholas, one of the foremost experts on cybersecurity law. McNicholas is a partner at Sidley Austin LLP and co-editor of the newly-published treatise, Cybersecurity: A Practical Guide to the Law of Cyber Risk (with co-editor Vivek K. Mohan). The […]
By Daniel J. Solove It is essential that children learn about data privacy and security. Their lives will be fully enveloped by technologies that involve data. But far too little about these topics is currently taught in most schools. Fortunately, there is a solution, one that I’m proud to have been involved in creating. The […]
By Daniel J. Solove At my annual event, the Privacy+Security Forum, which was held last month, one of the sessions involved privacy and security in fiction. The panelists had some terrific readings suggestions, and I thought I’d share with you the write-up that they generated for their session. The speakers were: Peter Winn, Assistant U.S. […]
By Daniel J. Solove The US regulates privacy with a sectoral approach, with laws that are directed only to specific industries. In contrast, the EU and many other countries have an omnibus approach — one overarching law that regulates privacy consistently across all industries. The US is an outlier from the way most countries regulate […]
I am pleased to announce that Alan Westin’s classic work, Privacy and Freedom, is now back in print. Originally published in 1967, Privacy and Freedom had an enormous influence in shaping the discourse on privacy in the 1970s and beyond, when the Fair Information Practice Principles (FIPPs) were developed. The book contains a short introduction […]
I’m very excited that the 1st annual Privacy + Security Forum (Oct. 21-23 in Washington, DC) is finally beginning! We have about 190 speakers and 60+ sessions. Session Descriptions: Session Descriptions Guide [link no longer available] Readings: Readings for each session are on our schedule page [link no longer available] Session Times and Location: Session […]
By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release] [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]
A popular way some organizations are raising awareness about phishing is by engaging in simulated phishing exercises of their workforce. Such simulated phishing can be beneficial, but there are some potential pitfalls and also important things to do to ensure that it is effective. 1. Be careful about data collection and discipline Think about the data […]