Posts about Privacy & Security Harm by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
Move over robocop, there’s a new constable in town — the robocall cop. In the past decade, robocalls have surged. There has also been a dramatic rise in litigation about these calls under the Telephone Consumer Protection Act (TCPA). The TCPA litigation is led by a small group of serial litigators, people who have assumed the […]
Cybersecurity litigation is currently at a crossroads. Courts have struggled in these cases, coming out in wildly inconsistent ways about whether a data breach causes harm. Although the litigation landscape is uncertain, there are some near certainties about cybersecurity generally: There will be many data breaches, and they will be terrible and costly. We thus […]
I have a confession to make, one that is difficult to fess up to on the US side of the pond: I love the GDPR. There, I said it. . . In the United States, a common refrain about GDPR is that it is unreasonable, unworkable, an insane piece of legislation that doesn’t understand how […]
In In re Zappos.com, Inc., Customer Data Security Breach Litigation (9th Cir., Mar. 8, 2018), the U.S. Court of Appeals for the 9th Circuit issued a decision that represents a more expansive way to understand data security harm. The case arises out of a breach where hackers stole personal data on 24 million+ individuals. Although […]
My new article was just published: Risk and Anxiety: A Theory of Data Breach Harms, 96 Texas Law Review 737 (2018). I co-authored the piece with Professor Danielle Keats Citron. We argue that the issue of harm needs a serious rethinking. Courts are too quick to conclude that data breaches don’t create harm. There are two […]
In this post, I provide a brief overview of my scholarship last year. Risk and Anxiety: A Theory of Data Breach Harms I co-authored Risk and Anxiety: A Theory of Data Breach Harms with Professor Daniel Keats Citron. The piece is forthcoming in Texas Law Review this year. Even though there continues to be a steady […]
Harm has become the key issue in data breach cases. During the past 20 years, there have been hundreds of lawsuits over data breaches. In many cases, the plaintiffs have evidence to establish that reasonable care wasn’t used to protect their data. But the cases have often been dismissed because courts conclude that the […]
When is a person harmed by a privacy violation? The U.S. Supreme Court just handed down a decision in an important case, Spokeo Inc. v. Robins. Plaintiff Thomas Robins sued Spokeo under the Fair Credit Reporting Act (FCRA) because Spokeo had inaccurate information about him in its profile. Spokeo’s profiles are used by potential employers […]
I am pleased to announce that Alan Westin’s classic work, Privacy and Freedom, is now back in print. Originally published in 1967, Privacy and Freedom had an enormous influence in shaping the discourse on privacy in the 1970s and beyond, when the Fair Information Practice Principles (FIPPs) were developed. The book contains a short introduction […]
By Daniel J. Solove What is privacy? This is a central question to answer, because a conception of privacy underpins every attempt to address it and protect it. Every court that holds that something is or isn’t privacy is basing its decision on a conception of privacy — often unstated. Privacy laws are also based […]