PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Key EDPB (European Data Protection Board) Documents for GDPR

EU Article 29 Working Party GDPR Guidance

The EDPB (European Data Protection Board) was created by the EU Data Protection Directive in 1996.  Its purpose is to provide advice, opinions, and guidance about data protection.  The EDPB (European Data Protection Board) is composed of a representative from each EU member state. Below are some of the most important guidelines to be issued […]

Key WP29 Documents for GDPR

EU Article 29 Working Party GDPR Guidance

The Article 29 Working Party was created by the EU Data Protection Directive in 1996.  Its purpose is to provide advice, opinions, and guidance about data protection.  The Article 29 Working Party is composed of a representative from each EU member state.  The General Data Protection Regulation (GDPR) will replace the Working Party with the […]

My Privacy and Security Scholarship in 2017

Scholarship about Privacy and Security

In this post, I provide a brief overview of my scholarship last year. Risk and Anxiety: A Theory of Data Breach Harms  I co-authored  Risk and Anxiety: A Theory of Data Breach Harms with Professor Daniel Keats Citron.  The piece is forthcoming in Texas Law Review this year.  Even though there continues to be a steady […]

Cartoon on GDPR Vendor Management

Cartoon GDPR Vendor Management TeachPrivacy GDPR Training

  This cartoon depicts the challenges of complying with GDPR’s requirements for vendor management.   Under the GDPR, there are serious responsibilities when using a vendor to process personal data.  Broadly, there are three things that data controllers must do: 1. Data controllers must perform due diligence in selecting vendors and that are complaint with GDPR. […]

10 Reasons Why the Fourth Amendment Third Party Doctrine Should Be Overruled in Carpenter v. US

10 Reasons to Overrule the Fourth Amendment Third Party Doctrine

The U.S. Supreme Court will be hearing arguments this week in Carpenter v. United States, which is one of the most important Fourth Amendment cases before the Court.  The case involves whether the Third Party Doctrine will remain viable.  If so, the Fourth Amendment will fade into obsolescence in today’s digital age. In this post, […]

Silencing #MeToo: How NDAs and Litigation Stifle Victims, Innovators, and Critics — An Interview with Orly Lobel

  Countless women have been coming forward to say #MeToo and share their traumatic stories of sexual harassment and assault. But there are many stories we’re not hearing. These stories are being silenced by extremely broad nondisclosure agreements (NDAs), some made at the outset of employment and others when settling litigation over sexual harassment. They […]

Beyond GDPR: The Challenge of Global Privacy Compliance — An Interview with Lothar Determann

For multinational organizations in an increasingly global economy, privacy law compliance can be bewildering these days. There is a tangle of international privacy laws of all shapes and sizes, with strict new laws popping up at a staggering speed. Federal US law continues to fade in its influence, with laws and regulators from abroad taking the […]

Game of Risks: An Interview with Adam Levin on the HBO Breach, Cybersecurity Insurance, and Cyber Risks

  Recently, HBO suffered a massive data breach. The hackers stole unreleased episodes of Game of Thrones and have been leaking them before they are broadcast. Episodes of other shows were also stolen. The hackers grabbed 1.5 terabytes of data including sensitive internal documents.  

Cybersecurity vs. Humans: The Human Problem Requires a Human Answer

Data Security Human Error - Security Awareness Training

According to a recent Ponemon Institute study, the odds of an organization having a data breach are 1 in 4.  The study also found that the average cost of a data breach is $3.62 million in 2017.  That’s a drop of 10%, but the size of data breaches has increased. The Human Problem The vast […]