PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The Privacy Pillory and the Security Rack: The Enforcement Toolkit

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #2 in a series called Enforcing Privacy and Security Laws. See the end of this post for links to other posts in this series. What kind of sanctions do privacy and security laws use for enforcement? In this post, […]

Why Enforce Privacy and Security Laws?

by Daniel J. Solove PART 1 Are privacy and security laws being enforced effectively? This post is part of a series called Enforcing Privacy and Security Laws. How are privacy and security laws enforced? How should they be enforced? What enforcement works well? What doesn’t? What are the various agencies that are enforcing privacy laws […]

Jennifer Lawrence’s Nude Photos and Civil Rights Law: An Interview with Danielle Citron

Online Harm

“It is a sexual violation. It’s disgusting. The law needs to be changed, and we need to change.” — Jennifer Lawrence on her nude photos being non-consensually disclosed online Fairly recently, Jennifer Lawrence’s iCloud account was hacked and her private nude photos were stolen and posted online. She was mortified. Her case is just one […]

How to Enter the Privacy Profession

by Daniel J. Solove The privacy profession is growing by leaps and bounds, but entering it is tricky. My law students and others frequently ask me how they can enter the privacy field. Most jobs seem to require a few years of experience, but the privacy profession is still relatively new, and getting this experience […]

Why Do Lawsuits for Data Breaches Continue Even Though the Law Is Against Plaintiffs?

by Daniel J. Solove If there’s a big data breach, the class action lawyers will start nipping like a bunch of hungry crocodiles. Upwards of forty separate lawsuits were filed against Target after its data breach, and one was filed the day after the breach became public knowledge. The law, however, has thus far been […]

Does Training Really Work? Can It Reduce Data Security Breaches?

by Daniel J. Solove According to a recent report by Enterprise Management Associates, 56% of employees are not receiving any sort of data security awareness training. This is a rather distressing statistic. It is particularly distressing because according to another study, “when specific employee behaviors are addressed in a meaningful way to bring about a […]

Why the C-Suite Should Have Coffee with the Privacy and Security Officers Every Week

  by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]

The 2 Essential Ways to Prevent Data Breaches

by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .