PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

New Privacy Law Reference Book: Privacy Law Fundamentals

Privacy Law Fundamentals

Professor Paul Schwartz (Berkeley School of Law) and I recently published a new book, PRIVACY LAW FUNDAMENTALS.  This book is a distilled guide to the essential elements of U.S. data privacy law. In an easily-digestible format, the book covers core concepts, key laws, and leading cases.
Continue Reading

The Do Not Call List’s Memory Lapse

Phone

So you signed up for the federal Do Not Call List and expect not to receive any more of those annoying telemarketing calls ever again. Think again. Signing up expires after 5 years, so if you signed up back when the list first came into existence, you’ll need to sign up all over again soon. It’s the FTC’s way of making us feel like Sisyphus. Lame.

Continue Reading

How Should Data Security Breach Notification Work?

Data Breach Notification

In 2005, a series of data security breaches affected tens of millions of records of personal information. I blogged about them herehereherehere, and here.

One of the major issues with data security breaches involves what kind of notification companies should provide. The spate of data security breach announcements began in February 2005, when ChoicePoint announced its breach pursuant to California’s data breach notification law. At the time, California was the only state that mandated individual notice following a breach. Subsequently, numerous states passed laws requiring that companies notify individuals of breaches. Federal legislation is currently being considered to create a national security breach provision. But key questions remain in hot contention. First, what kind of breach should trigger a notification? If the risk of harm is low, some companies contend, then providing notice can be quite costly with little benefit in return. Second, what kind of notice should be given? Notice to each individual affected? Notice to the media or FTC only?

Continue Reading

The Free Credit Reports That Aren’t Free

Free Credit Report

You’ve probably seen the commericals, which run incessantly on CNN and other cable channels. A happy young man says: “I’m thinking of a number . . . ” That number is a credit score, which you can obtain at a website called FreeCreditReport.com. You probably have heard that under a new federal law, credit reporting agencies are required to provide each person with a free credit report once a year. That website, however, has the much more obscure name AnnualCreditReport.com. I previously blogged about my experiences using AnnualCreditReport.com. One of the problems is that if you don’t know that the correct website is AnnualCreditReport.com, then it is very easy to go to the FreeCreditReport.com website. After all, it is featured quite prominently in a Google search for “free credit report.”

But there’s one catch — it ain’t free. Far from it. From the fine print:

Continue Reading