PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Privacy Papers for Policymakers Event

FPF Privacy Papers for Policymakers 2022

I’m honored and thrilled that my article with Professor Danielle Keats Citron, Privacy Harms, 102 B.U. Law Review — (forthcoming 2022) has been selected for recognition by the Future of Privacy Forum in the Privacy Papers for Policymakers Competition. The Privacy Papers for Policymakers Event takes place on February 10, 2022 from 1 PM to 3 PM […]

Privacy Harms: A New Version

Typology of Privacy Harms - Citron and Solove 06

Professor Danielle Citron and I have thoroughly revised our article, Privacy Harms, forthcoming 102 B.U. Law Review __ (2022). You can download the latest draft for free on SSRN. Some of the things we updated: We reordered the piece to discuss earlier on our theory of when harm should be required. We added a discussion of […]

Standing and Privacy Harms: A Critique of TransUnion v. Ramirez

Standing and Privacy Harms

I recently published a short essay with Professor Danielle Citron critiquing the recent Supreme Court decision, TransUnion v. Ramirez (U.S. June 25, 2021) where the Court held that plaintiffs lacked standing to use FCRA’s private right of action to sue for being falsely labeled as terrorists in their credit reports. The essay is here: Daniel J. […]

Cartoon: Privacy Harms

Cartoon Privacy Harms - TeachPrivacy Privacy Training 02 small

Friday’s U.S. Supreme Court decision, TransUnion v. Ramirez (U.S. June 25, 2021), prompted me to release this cartoon about privacy harms that I created a while ago.  In TransUnion, a group of plaintiffs sued TransUnion for falsely labeling them as potential terrorists in their credit reports. The Supreme Court held that only some plaintiffs had standing […]

Standing in Data Breach Cases: Why Harm Is Not “Manufactured”

Data Breach Standing - 11th Circuit

In a recent case, the U.S. Court of Appeals for the 11th Circuit weighed in on an issue that has continued to confound courts: Is there an injury caused by a data breach when victims don’t immediately suffer financial fraud?  I wrote on this issue in an article with Professor Danielle Citron in 2018, Risk and Anxiety: […]

Privacy Harms

Privacy Harms

Professor Danielle Keats Citron (University of Virginia School of Law) and I have just posted a draft of our new article, Privacy Harms, on SSRN (free download). Here’s the abstract: Privacy harms have become one of the largest impediments in privacy law enforcement. In most tort and contract cases, plaintiffs must establish that they have […]

Top 10 Privacy Law Developments of the Decade 2010-2019

Top 10 Privacy Law Developments of the Decade 2010-2019 02

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one […]

The Trouble with Spokeo: Standing, Privacy Harms, and Biometric Information

Rivera v Google BIPA - Illinois Biometric Information Privacy Act - Facial Recognition - Spokeo

A recent case involving the Illinois Biometric Information Privacy Act (BIPA), Rivera v Google (N.D. Ill. No. 16 C 02714, Dec. 28, 2018), puts the ills of Spokeo Inc. v. Robins on full display.  In Rivera, plaintiffs sued Google under BIPA, which prohibits companies from collecting and storing specific types of biometric data without people’s consent.  The plaintiffs alleged that Google […]