Posts about Privacy and Security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
I am pleased to announce that Alan Westin’s classic work, Privacy and Freedom, is now back in print. Originally published in 1967, Privacy and Freedom had an enormous influence in shaping the discourse on privacy in the 1970s and beyond, when the Fair Information Practice Principles (FIPPs) were developed. The book contains a short introduction […]
I’m very excited that the 1st annual Privacy + Security Forum (Oct. 21-23 in Washington, DC) is finally beginning! We have about 190 speakers and 60+ sessions. Session Descriptions: Session Descriptions Guide [link no longer available] Readings: Readings for each session are on our schedule page [link no longer available] Session Times and Location: Session […]
By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release] [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]
My new annual event, the Privacy + Security Forum (Oct. 21-23 in Washington, DC), is just a week away. I’m very excited about it. The goals of the event are to better unite privacy and security and to have sessions that are substantive and interactive
A popular way some organizations are raising awareness about phishing is by engaging in simulated phishing exercises of their workforce. Such simulated phishing can be beneficial, but there are some potential pitfalls and also important things to do to ensure that it is effective. 1. Be careful about data collection and discipline Think about the data […]
By Daniel J. Solove Whenever I go to a doctor and am asked what I do for a living, I say that I focus on information privacy law. “HIPAA?” the doctors will ask. “Yes, HIPAA,” I confess. And then the doctor’s face turns grim. At first, it looks like the face of a doctor about […]
Co-authored by Professor Woodrow Hartzog. Authentication presents one of the greatest security challenges organizations face. How do we accurately ensure that people seeking access to accounts or data are actually whom they say they are? People need to be able to access accounts and data conveniently, and access must often be provided remotely, without being […]
By Daniel J. Solove Co-authored by Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here. We cover health issues in a separate post. News […]
By Daniel J. Solove A recent New York Times article discusses the issue of what happens to your personal data when companies go bankrupt or are sold to other companies: When sites and apps get acquired or go bankrupt, the consumer data they have amassed may be among the companies’ most valuable assets. And […]
By Daniel J. Solove I’m a St. Louis Cardinals fan, so I guess it is fitting that my favorite team becomes embroiled in a big privacy and data security incident. At the outset, apologies for the feature photo above. It pulled up under a search for “baseball hacker,” and as a collector of ridiculous […]