PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

GDPR Training, Writings, and Resources: Roundup from the Past Year

General Data Protection Regulation - GDPR - Training Resources by Prof. Daniel Solove

The General Data Protection Regulation (GDPR) is one of the world’s strictest data privacy laws and requires privacy professionals around the globe to design and implement comprehensive compliance programs.  In the past year, I developed a series of resources and training courses to assist privacy professionals with this complex task.   GDPR Whiteboard 200+ pages of […]

Beyond GDPR: The Challenge of Global Privacy Compliance — An Interview with Lothar Determann

For multinational organizations in an increasingly global economy, privacy law compliance can be bewildering these days. There is a tangle of international privacy laws of all shapes and sizes, with strict new laws popping up at a staggering speed. Federal US law continues to fade in its influence, with laws and regulators from abroad taking the […]

GDPR Cartoon: Taking Privacy Seriously

cartoon-gdpr-training-privacy-shield-training-02

I created this cartoon to illustrate the fact that despite the increasing risk that privacy violations pose to an organization, many organizations are not increasing the funding and resources devoted to privacy.  More work gets thrown onto the shoulders of under-resourced privacy departments. It is time that the C-Suite (upper management) wakes up to the […]

Privacy Shield Training

Privacy Shield Training Course

I have produced a new Privacy Shield training course that provides a short introduction to the EU-US Privacy Shield Framework.  Privacy Shield is an arrangement reached between the EU and US for companies to transfer data about EU citizens to the US.  Privacy Shield replaces the Safe Harbor Arrangement, which was invalidated in 2015 in […]

A New US-EU Safe Harbor Agreement Has Been Reached

EU-US Privacy Shield Safe Harbor Training

Last year, the death of the US-EU Safe Harbor Arrangement sent waves of shock and despair to the approximately 4500 companies that used this mechanism to transfer personal data from the US to the EU.  But a new day has dawned.

Blogging Highlights 2015: Privacy Issues

Privacy Training

I’ve been going through my blog posts from 2015 to find the ones I most want to highlight.  Here are some selected posts on privacy issues: I. PHILOSOPHICAL Privacy by Design: 4 Key Points What Is Privacy? II. PRIVACY LAW Why All Law Schools Should Teach Privacy Law — and Why Many Don’t

10 Implications of the New EU General Data Protection Regulation (GDPR)

EU GDPR Training General Data Protection Regulation

Last week, the EU issued the General Data Protection Regulation (GDPR), a long-awaited comprehensive privacy regulation that will govern all 28 EU member countries.  Clocking in at more than 200 pages, this is quite a document to digest.  According to the European Commission press release: “The regulation will establish one single set of rules which […]

The Growing Problems with the Sectoral Approach to Privacy Law

Sectoral Omnibus Privacy Regulation

By Daniel J. Solove The US regulates privacy with a sectoral approach, with laws that are directed only to specific industries.  In contrast, the EU and many other countries have an omnibus approach — one overarching law that regulates privacy consistently across all industries.  The US is an outlier from the way most countries regulate […]

Sunken Safe Harbor: 5 Implications of Schrems and US-EU Data Transfer

By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release]  [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]

Privacy Law: From a National Dish to a Global Stew

By Daniel J. Solove This post is co-authored by Professor Neil Richards The recent case of Google v. Vidal-Hall in the UK has generated quite a buzz, with Omer Tene calling it the “European privacy judicial decision of a decade.” The case illustrates several fascinating aspects of the developing global law of privacy, with big […]