PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The Funniest Password Recovery Questions and Why Even These Don’t Work

Passwords

  A recent article in Wired argues that it is time to kill password recovery questions. Password recovery questions are those questions that you set up in case you forget your password. Common questions are: In what city were you born? What is your mother’s maiden name? Where did you go to high school? […]

Read More…

HIPAA’s Failure to Provide Enough Patient Control Over Medical Records

  A Not-So-Far-Fetched Seinfeld Episode In a Seinfeld episode called “The Package” from 1996 (click here to see the scene), airing just months after HIPAA was passed,  Elaine goes to see a doctor for a rash. […]

Read More…

An Updated List of Privacy Law Fellowships

Fellowships can be a great way to kick start a career in privacy law.  I have added new fellowships the list I published in February 2016, as well as updated deadlines and other relevant information.  Click here to see the fully updated list of privacy fellowships.  If you know of others I should add, please email me. […]

Read More…

The Triumph of the Privacy Profession: An Interview with Bamberger and Mulligan

The past 20 years have seen the remarkable emergence of the privacy profession. Starting from nothing, this profession originally included a handful of people called Chief Privacy Officers (CPOs). Nobody grew up saying they wanted to be a CPO. Nobody knew what CPOs did. […]

Read More…

The 5 Things Every Privacy Lawyer Needs to Know about the FTC: An Interview with Chris Hoofnagle

Privacy and Security Training

The Federal Trade Commission (FTC) has become the leading federal agency to regulate privacy and data security. The scope of its power is vast – it covers the majority of commercial activity – and it has been enforcing these issues for decades. An FTC civil investigative demand (CID) will send shivers down the spine of […]

Read More…

A List of Privacy Law Fellowships

One way to enter the privacy profession is to do a fellowship, and fortunately, an increasing number of fellowship opportunities are emerging. I have written about the challenges of breaking in to the privacy law profession, especially the challenges that recent law school graduates will face.  There are no established career paths in this field […]

Read More…

What Can We Learn From Bad Passwords?

By Daniel J. Solove The SplashData annual list of the 25 most widely used bad passwords recently was posted for passwords used in 2015.  The list is compiled annually by examining passwords leaked during a particular year.  Here is the list of passwords for 2015, and below it, I have some thoughts and reactions to […]

Read More…

Teaching Information Privacy Law

I originally posted a version of this post more than 10 years ago, in 2005.  I think it is important to re-post it, with a few updates. I strongly recommend teaching information privacy law in law schools.  I have authored several textbooks in the field, and I know that this might seem like a self-plug.  […]

Read More…