All posts in New Developments

Privacy and Security in Health Tech: Improving Transparency About Practices

Daniel Solove
Founder of TeachPrivacy

Many app developers overlook privacy and security by failing to do one of the most basic first steps of data protection – informing consumers of their practices. For example, in a study published in 2016 in the Journal of the American Medical Association, 80% of diabetes apps surveyed didn’t have a notice informing consumers about privacy practices.  Another recent study of thousands of apps involving all topics revealed that nearly 50% lacked a privacy notice. A study by the Future of Privacy Forum in 2016 revealed that “only 70% of top health and fitness apps had a privacy policy.”

Continue Reading

New Edition of Privacy Law Fundamentals

Daniel Solove
Founder of TeachPrivacy

Privacy Law Fundamentals

I’m pleased to announce that a new 4th edition of my short guide, PRIVACY LAW FUNDAMENTALS  (IAPP 2017)  (co-authored with Professor Paul Schwartz) is now out in print.  This edition incorporates extensive developments in privacy law and includes an introductory chapter summarizing key new laws, cases and enforcement actions.

Privacy Law Fundamentals is designed with an accessible, portable format to deliver vital information in a concise (318 pages) and digestible manner. It includes key provisions of privacy statutes; leading cases; tables summarizing the statutes (private rights of action, preemption, liquidated damages, etc.); summaries of key state privacy laws; and an overview of FTC, FCC, and HHS enforcement actions.

“This is the essential primer for all privacy practitioners.” — David A. Hoffman, Intel Corp.

“In our fast-paced practice, there’s nothing better than a compact and accessible work that is curated by two of the great thinkers of the field.  It is a gem.” — Kurt Wimmer, Covington & Burling LLP

“Two giants of privacy scholarship succeed in distilling their legal expertise into an essential guide for a broad range of the privacy community.” — Jules Polonetsky, Future of Privacy Forum

“This book is my go-to reference for when I need quick, accurate information on privacy laws across sectors and jurisdictions.” — Nuala O’Connor, Center for Democracy and Technology

You can get a copy at IAPP’s bookstore or at Amazon.  For general information about this book as well as all my textbooks and useful resources, visit our Information Privacy Law textbook website.

The full table of contents is below:

Continue Reading

The Future of the FTC on Privacy and Security

Daniel Solove
Founder of TeachPrivacy

Future of the FTC

Co-authored by Professor Woodrow Hartzog

The Federal Trade Commission is the most important federal agency regulating privacy and security. Its actions and guidance play a significant role in setting the privacy agenda for the entire country. With the Trump Administration about to take control, and three of the five Commissioner seats open, including the Chairperson, a lot could change at the FTC. But dramatic change is not common at the agency. What will likely happen with the FTC’s privacy and security enforcement over the next four years?

Continue Reading

Information Security Training: Focus on the Human Problem

Daniel Solove
Founder of TeachPrivacy

Information Security Awareness Training Plan B

I created a new poster about information security training, which is debuting at the RSA conference.  This poster is based on the fact that the vast majority of information security incidents and data breaches occur because of human mistakes.   Information security is only in small part a technology problem; it is largely a human problem.

If you’re at RSA and are interested in information security awareness training, please drop by the TeachPrivacy booth at Moscone North 4802.

RSA Conference 2016

You can pick up a copy of this poster.  And you can also learn about our newest training, which includes a really neat Where’s Waldo style game where users spot privacy and security risks.

Continue Reading

Spot the Privacy and Security Risks Training Game

Daniel Solove
Founder of TeachPrivacy

Spot the Risks Privacy and Information Security Awareness Training

I’m pleased to announce a new training program:  Spot the Risks: Privacy and Security. The program is a Where’s Waldo style risk-spotting game that takes about 5 minutes to complete.  Trainees are asked to spot the risks in an office.  Feedback is provided about each risk so trainees learn many of the most important best practices.

Continue Reading

Drones, Data Breaches, Cramming, and Other Privacy + Security Updates

Daniel Solove
Founder of TeachPrivacy

drones and data breaches

by Daniel J. Solove

This post is co-authored with Professor Paul M. Schwartz.

This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here.

We became quite busy after the last update, so we’re a bit backlogged. We are catching up on developments late last year and we have a lot of material. We will release the next issue soon, as there is too much material to fit into this issue.

For a PDF version of this post, click here.

Continue Reading

Privacy and Security Developments 2014 Issue 1

Daniel Solove
Founder of TeachPrivacy

privacy and security update

by Daniel J. Solove

Issue 2014 No. 1

This post is co-authored with Professor Paul M. Schwartz.

We spend a lot of time staying up to date so we can update our casebooks and reference books, so we thought we would share with you some of the interesting news and resources we’re finding. We plan to post a series of posts like this one throughout the year.

For a PDF version of this post, click here.

Continue Reading

Follow Professor Solove on Social Media

Daniel Solove
Founder of TeachPrivacy

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:

Professor Solove’s LinkedIn Influencer blog

LinkedIn Influencer 02 You can follow Professor Solove on his blog at LinkedIn, where he is an “LinkedIn Influencer.”  He blogs about various privacy and data security issues. His blog has more than 600,000 followers.

LinkedIn Influencer 01

*    *    *    *

Professor Solove’s Twitter Feed

Twitter 01Professor Solove is active on Twitter and posts links to current privacy and data security stories and new scholarship, cases, and developments of note.

*    *    *    *

Professor Solove’s Newsletter

Newsletter 01Sign up for our newsletter where Professor Solove provides information about his recent writings and new training programs that he has created.

*    *    *    *

Professor Solove’s LinkedIn Discussion Groups

Please join one or more of Professor Solove’s LinkedIn discussion groups, where you can follow new developments on privacy, data security, HIPAA, and education privacy issues. You can also participate in the discussion, share interesting news and articles, ask questions, or start new conversations:

Privacy and
Data Security
HIPAA Privacy
and Security
Education Privacy
and Data Security
Image Group LinkedIn Logo Education Privacy 01 Image Group LinkedIn Logo HIPAA 01 Image Group LinkedIn Logo Privacy Security 01

5 Key Quotes from the FTC v. Wyndham Decision on Data Security

Daniel Solove
Founder of TeachPrivacy

5 key points ftc wyndham blog 1

by Daniel J. Solove

This post was co-authored by Professor Woodrow Hartzog.

The long-awaited federal district court opinion in FTC v. Wyndham was finally released last week. The U.S. District Court for the District of New Jersey rejected Wyndham’s arguments that the FTC lacks the authority to regulate unfair data security practices, that the FTC is required to issues rules before bringing an unfair data security complaint, and that the FTC failed to provide fair notice of what constitutes an unfair data security practice.

I blogged about the case here last week.

Continue Reading

One of the Most Important Data Security Cases Was Just Decided: FTC v. Wyndham

Daniel Solove
Founder of TeachPrivacy

ftc wyndham blog post

by Daniel J. Solove

The case has been quite long in the making. The opinion has been eagerly anticipated in privacy and data security circles. Fifteen years of regulatory actions have been hanging in the balance. We have waited and waited for the decision, and yesterday, it finally arrived.

The case is FTC v. Wyndham, and it is round one to the Federal Trade Commission (FTC).

Continue Reading