PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The FTC Has the Authority to Enforce Data Security: FTC v. Wyndham Worldwide Corp.

by Daniel J. Solove The U.S. Court of Appeals for the 3rd Circuit just affirmed the district court decision in FTC v. Wyndham Worldwide Corp., No. 14-3514 (3rd. Cir. Aug. 24, 2015).  The case involves a challenge by Wyndham to an Federal Trade Commission (FTC) enforcement action emerging out of data breaches at the Wyndham. […]

Should the FTC Kill the Password? The Case for Better Authentication

Co-authored by Professor Woodrow Hartzog. Authentication presents one of the greatest security challenges organizations face. How do we accurately ensure that people seeking access to accounts or data are actually whom they say they are? People need to be able to access accounts and data conveniently, and access must often be provided remotely, without being […]

Understanding the FTC on Privacy and Security

Privacy Training Blog FTC

by Daniel J. Solove I recently held a webinar about the Federal Trade Commission (FTC) for TRUSTe called Understanding the FTC on Privacy and Security.   The webinar is free and is archived at TRUSTe’s site. Here is a brief synopsis of the webinar: For the past nearly two decades, the FTC has risen to […]

Going Bankrupt with Your Personal Data

By Daniel J. Solove   A recent New York Times article discusses the issue of what happens to your personal data when companies go bankrupt or are sold to other companies: When sites and apps get acquired or go bankrupt, the consumer data they have amassed may be among the companies’ most valuable assets. And […]

Health Data Security in Crisis, Phase 2 Audits, and Other HIPAA Privacy + Security Updates

By Daniel J. Solove Co-authored with Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. We have split the health/HIPAA material from our updates on other topics. To see our updates for other topics, click here. For a PDF version […]

Facebook Privacy Sherpas, the Internet of Things, and Other Privacy + Security Updates

By Daniel J. Solove and Paul M. Schwartz This post is co-authored with Professor Paul M. Schwartz. This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here.

The Worst Password Ever Created

by Daniel J. Solove People create some very bad passwords. In the list of the most popular passwords of 2014, all of them are terrible. Just look at the top 10: 123456 password 12345 12345678 Qwerty 123456789 1234 baseball dragon football

Should the FTC Be Regulating Privacy and Data Security?

by Daniel J. Solove This post was co-authored with Professor Woodrow Hartzog. This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was […]

Who Are the Privacy and Security Cops on the Beat?

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #3 of a series called Enforcing Privacy and Security Laws.

Follow Professor Solove on Social Media

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed: Professor Solove’s LinkedIn Influencer blog You can follow Professor Solove on his blog at LinkedIn, where he is an “LinkedIn Influencer.”  He blogs about various privacy and data security issues. His blog has […]