PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Top 10 Privacy Law Developments of the Decade 2010-2019

Top 10 Privacy Law Developments of the Decade 2010-2019 02

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one […]

Read More…

Cartoon: Multi-Jurisdictional Privacy Law Compliance

Cartoon Multi-Jurisdictional Privacy Law Compliance Poodle - TeachPrivacy CCPA Training 02 small

This cartoon depicts the challenges of multi-jurisdictional privacy law compliance. In 2018, organizations scrambled to comply with the GDPR.  In 2019, businesses are scrambling to comply with the California Consumer Privacy Act (CCPA).  And, there will be a new referendum on privacy law in California next year — CCPA 2.0.  There’s a flurry of legislative […]

Read More…

Developing a Multi-Jurisdictional Approach to Privacy Laws — An Interview with K Royal

Global Privacy Law

I’m thrilled to interview K Royal, Senior Director, Western Region, Privacy, at TrustArc. K has had a long career in privacy law, having served as privacy counsel for several companies. She’s also an adjunct professor at Arizona State University. Prof Solove: What is the need for a multi-jurisdictional approach to privacy laws? K Royal: With the European […]

Read More…

Cartoon: Cookies and the GDPR

Cartoon Cookies and the GDPR

This cartoon depicts how, after the GDPR, countless websites have cookie notices and require agreeing to accept cookies.  I find these cookie notices to be form over substance.  These notices are virtually meaningless and don’t help consumers. They are a nuisance.  They give privacy a bad name because people start to think that privacy is […]

Read More…

Entering the New Age of Privacy in the US: Learning from GDPR — An Interview with Daniel Barber

I had the chance to interview Daniel Barber, CEO and Co-founder of DataGrail. DataGrail is a purpose-built privacy management platform that ensures sustained compliance with the GDPR, CCPA, and forthcoming regulations. Their customers span a variety of industries and include Databricks, Plexus Worldwide, TRI Pointe Homes, Outreach, Intercom, and SaaStr. Daniel and I spoke about the lessons […]

Read More…

Profiling and the GDPR: An interview with Mark Singer and Raf Sanchez

I had the opportunity to interview Mark Singer and Raf Sanchez, both at Beazley, about the issue of profiling and the GDPR. Mark Singer is a member of the Cyber & Executive Risk Group at Beazley. Mark handles insurance coverage issues arising out of cybersecurity, technology errors and omissions, data privacy, intellectual property, media and advertising liabilities. Raf […]

Read More…

Cartoon: Data Subject Access Requests Under the CCPA and GDPR

Cartoon Data Subject Access Requests (DSARs) - TeachPrivacy CCPA Training 02

This cartoon is about data subject access requests (DSARs) — sometimes called “subject access requests” (SARs).  The GDPR Article 15 provides for DSARs.  The new California Consumer Privacy Act (CCPA) provides individuals with a right to learn about the personal data collected and shared about them over the past 12 months. For more background about […]

Read More…

Anatomy of a Privacy Law

Anatomy of a Privacy Law - Prof Daniel Solove 01

I was recently giving a presentation about new privacy laws, and I created the infographic above to catalog the various elements that privacy laws often have.  Going through this list can help to assess how complete a privacy law is.  For example, the California Consumer Privacy Act (CCPA) is often compared to the General Data […]

Read More…

The Funniest Privacy and Security Stock Photos

Security On Off

I’ve been creating security and privacy awareness training for years, and I am always in the hunt for good stock photos to illustrate these issues.  I thought I’d share with you some of the most ridiculous ones I’ve come across. For the past four years, I’ve posted just the funniest hacker stock photos, but this year, I […]

Read More…

Locating Personal Data and Tracking Privacy Rights: An Interview with Dimitri Sirota

One of the biggest challenges for organizations is locating all the personal data they have. This task must be done, however, to comply with the General Data Protection Regulation (GDPR) and other privacy laws. Moreover, the GDPR and the new California Consumer Privacy Act provide that individuals have rights regarding their data. These rights often […]

Read More…