We spend a lot of time staying up to date so we can update our casebooks and reference books, so we thought we would share with you some of the interesting news and resources we’re finding. We plan to post a series of posts like this one throughout the year.
I was corresponding with K. Royal the other day, as she was graciously providing some feedback on a training program I created, and we got to talking about sensitive data. In their privacy laws, many countries designate a special category of data called “sensitive data” that receives especially stringent protections.
The most common list of categories for sensitive data is the list in the EU Data Protection Directive, which includes data about “racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union memberships, health, and sex life.”
The US has no special category of “sensitive data” but US privacy law does protect certain forms of data more stringently (health, financial).
I find it interesting what various countries define as sensitive data, and K Royal has created an awesome chart that she shared with me:
Note: The entry for “standard” means the standard list from the EU Data Protection Directive. The categories encompassed by “standard” include the one beginning “national, Racial/Ethnic” through “sexual preferences and practices.” More background about K’s project can be found at her blog.
If you want to see the spreadsheet data laid out in a blog post, you can see my longer post about the issue at my LinkedIn Blog.
Sign up for our newsletter where Professor Solove provides information about his recent writings and new training programs that he has created.
* * * *
Professor Solove’s LinkedIn Discussion Groups
Please join one or more of Professor Solove’s LinkedIn discussion groups, where you can follow new developments on privacy, data security, HIPAA, and education privacy issues. You can also participate in the discussion, share interesting news and articles, ask questions, or start new conversations:
This is the question many are asking these days in light of the recent EU Court of Justice (ECJ) decision that requires search engines such as Google to remove personal data from search results when people request it. (For more background, I wrote about the ECJ decision last week.)
After the decision was released, critics attacked the right to be forgotten as impractical, undesirable, and antithetical to free speech.