PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Why Metadata Matters: The NSA and the Future of Privacy

 by Daniel J. Solove Over at Slate, Dahlia Lithwick and Steve Vladeck have a great piece about why “metadata” matters. It is very much worth reading. Here are some of my thoughts on the matter. Several National Security Agency (NSA) surveillance programs involve gathering metadata about our communications (the numbers we call or the email […]

Privacy and Data Security in Higher Education

by Daniel J. Solove I was recently interviewed in HR Horizons, the magazine of the National Association of College and University Business Officers (NACUBO) on the topic of privacy and data security in higher education. Here are a few excerpts: What is the difference between data security and data privacy, and what risks do each […]

Is Privacy Law Constitutional? Is Personal Data Speech?

by Daniel J. Solove Professor Neil M. Richards (Washington University School of Law) has posted a draft chapter of his forthcoming book about privacy law and free speech. It is a fascinating piece — very accessible and engaging. It’s called Why Data Privacy Law is (Mostly) Constitutional. Eyebrows were raised a few years ago when […]

A List of Privacy Training and Data Security Training Requirements in Laws, Regulations, and Industry Codes

by Daniel J. Solove I was recently asked whether I had a list of the various laws, regulations, and industry codes that require privacy and/or data security training.  I know about a number of training requirements, but didn’t have a formal list.  I realized that such a list would be useful, so I created one […]

The Stunning Need for Improvement on Mobile and Cloud Risks

by Daniel J. Solove A recent study by the Ponemon Institute, The Risk of Regulated Data on Mobile Devices and in the Cloud*, reveals a stunning need for improvement on managing the risks of mobile devices and cloud computing services. The survey involved 798 IT and IT security practitioners in a variety of organizations including […]

Higher Education Needs Privacy Officers and Privacy/Security Training

In 2007, Seung Cho, a student at Virginia Tech, killed 32 students and faculty and wounded 17. He then committed suicide. One of the most troublesome things about this incident was that it might have been prevented if school officials and employees had a better grasp of privacy law. Appointed by the state governor, the […]

Employers and Schools that Demand Account Passwords and the Future of Cloud Privacy

by Daniel J. Solove In 2012, the media erupted with news about employers demanding employees provide them with their social media passwords so the employers could access their accounts. This news took many people by surprise, and it set off a firestorm of public outrage. It even sparked a significant legislative response in the states. […]

New Privacy Training Programs: US, EU, and Global Privacy Law

by Daniel J. Solove We have launched several new privacy training programs, including a series with brief introductions to privacy law.  We have completed a privacy training program about US Privacy Law with a video and interactive material / quiz questions.  And we just completed a training program about EU Privacy Law.  This program has […]

New Financial Privacy Training Programs

by Daniel J. Solove We have begun producing a new program series about financial privacy.  The first two programs are completed. The first part is an overview video that discusses the importance of financial privacy and the various laws and regulations that regulate.  These laws and regulations are discussed very broadly.  The video concludes with […]