PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

What Is Sensitive Data? Different Definitions in Privacy Law

Sensitive Data Image 01

by Daniel J. Solove

I was corresponding with K. Royal the other day, as she was graciously providing some feedback on a training program I created, and we got to talking about sensitive data. In their privacy laws, many countries designate a special category of data called “sensitive data” that receives especially stringent protections.

The most common list of categories for sensitive data is the list in the EU Data Protection Directive, which includes data about “racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union memberships, health, and sex life.”

The US has no special category of “sensitive data” but US privacy law does protect certain forms of data more stringently (health, financial).

I find it interesting what various countries define as sensitive data, and K Royal has created an awesome chart that she shared with me:

Chart of Sensitive Data in Various Countries

To a privacy wonk like me, a chart like this makes me giddy with excitement, and so I thought I’d share it with you (with her permission, of course).

Here’s a tally of the various types of most-commonly recognized categories of sensitive data. This is based on a chart of the sensitive data category of many countries that K Royal created.

Sensitive Data Chart Word Tally 03

SPECIFIC COUNTRIES’ DEFINITIONS OF SENSITIVE DATA

You can access the full Excel spreadsheet of the data here.

Note: The entry for “standard” means the standard list from the EU Data Protection Directive. The categories encompassed by “standard” include the one beginning “national, Racial/Ethnic” through “sexual preferences and practices.”  More background about K’s project can be found at her blog.

If you want to see the spreadsheet data laid out in a blog post, you can see my longer post about the issue at my LinkedIn Blog.

Follow Professor Solove on Social Media

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:

Professor Solove’s LinkedIn Influencer blog

LinkedIn Influencer 02 You can follow Professor Solove on his blog at LinkedIn, where he is an “LinkedIn Influencer.”  He blogs about various privacy and data security issues. His blog has more than 600,000 followers.

LinkedIn Influencer 01

*    *    *    *

Professor Solove’s Twitter Feed

Twitter 01Professor Solove is active on Twitter and posts links to current privacy and data security stories and new scholarship, cases, and developments of note.

*    *    *    *

Professor Solove’s Newsletter

Newsletter 01Sign up for our newsletter where Professor Solove provides information about his recent writings and new training programs that he has created.

*    *    *    *

Professor Solove’s LinkedIn Discussion Groups

Please join one or more of Professor Solove’s LinkedIn discussion groups, where you can follow new developments on privacy, data security, HIPAA, and education privacy issues. You can also participate in the discussion, share interesting news and articles, ask questions, or start new conversations:

Privacy and
Data Security
HIPAA Privacy
and Security
Education Privacy
and Data Security
Image Group LinkedIn Logo Education Privacy 01Image Group LinkedIn Logo HIPAA 01Image Group LinkedIn Logo Privacy Security 01

What Google Must Forget: The EU Ruling on the Right to Be Forgotten

 

google right to be forgotten blog 1

by Daniel J. Solove

In a momentous decision, the EU Court of Justice has ruled in favor of a Spanish man who sought to have links to his personal data removed from Google search results. Under what has become known as the “right to be forgotten,” EU citizens have a right to the deletion of certain personal data under the EU Data Protection Directive.

The EU Court of Justice has concluded that “the operator of a search engine is obliged to remove from the list of results displayed following a search made on the basis of a person’s name links to web pages, published by third parties and containing information relating to that person, also in a case where that name or information is not erased beforehand or simultaneously from those web pages, and even, as the case may be, when its publication in itself on those pages is lawful.”

Continue Reading

The Future of Global Privacy: Conflict or Harmony?

future of global privacy blog 1

by Daniel J. Solove

I recently had the opportunity to interview Christopher Kuner, Senior Of Counsel with Wilson Sonsini Goodrich & Rosati in Brussels. He is also an Honorary Professor at the University of Copenhagen, a visiting fellow at the London School of Economics, and teaches at the University of Cambridge. He is editor-in-chief of the law journal International Data Privacy Law, and has been active in international organizations such as the Council of Europe, the OECD, and UNCITRAL. His book entitled “Transborder Data Flows and Data Privacy Law” was published in 2013 by Oxford University Press. More information is available at his personal web site.

Continue Reading

The Year in Privacy 2013 and the Year to Come

high-tech technology background with eyes on computer display

by Daniel J. Solove

2013 was a remarkable year in privacy developments. Here are four main trends I saw occurring this year:

1. The heat on the NSA for its broad surveillance programs has been sustained and productive.

The Edward Snowden leaks revealed massive NSA surveillance efforts. What is most interesting in the aftermath of the recent NSA surveillance revelations has been the strong public disapproval of the NSA surveillance and courts finally taking some leadership on the issue, such as one court declaring the surveillance likely unconstitutional. The President’s Review Group on Intelligence and Communications Technologies recommended curbs on the NSA. Congress has yet to show leadership on the issue, which remains disappointing, but we are finally seeing the stirrings of a response and perhaps change. Indeed, 56% of people in a Pew poll “say that federal courts fail to provide adequate limits on the telephone and internet data the government is collecting.”

Moreover, the story regarding NSA surveillance keeps going on. It hasn’t faded. The overall trend is that there is now sustained heat on the NSA and a sustained stirring for changing the law to provide greater oversight and controls on government surveillance.

Continue Reading