PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Cartoon: Cookies and the GDPR

Cartoon Cookies and the GDPR

This cartoon depicts how, after the GDPR, countless websites have cookie notices and require agreeing to accept cookies.  I find these cookie notices to be form over substance.  These notices are virtually meaningless and don’t help consumers. They are a nuisance.  They give privacy a bad name because people start to think that privacy is […]

Entering the New Age of Privacy in the US: Learning from GDPR — An Interview with Daniel Barber

I had the chance to interview Daniel Barber, CEO and Co-founder of DataGrail. DataGrail is a purpose-built privacy management platform that ensures sustained compliance with the GDPR, CCPA, and forthcoming regulations. Their customers span a variety of industries and include Databricks, Plexus Worldwide, TRI Pointe Homes, Outreach, Intercom, and SaaStr. Daniel and I spoke about the lessons […]

ALI Data Privacy: Overview and Black Letter Text — Available for Download

American Law Institute (ALI) Data Privacy 01

Professor Paul Schwartz and I have posted the black letter text of the American Law Institute (ALI), Principles of the Law, Data Privacy. Professor Paul Schwartz and I were co-reporters on the project.  Earlier this year, I wrote a post about our completion of the project.  According to the ALI press release: “The Principles seek to […]

Establishing a Robust Law School Educational Program for Privacy Law

Privacy Law Educational Progaram

Recently, the International Association of Privacy Professionals (IAPP) released a ranking of law schools based on their educational programs in privacy law.  Although I applaud the effort to focus more attention on the issue of teaching privacy law in law schools, there are many aspects of the project that I would do differently.  In this […]

The FTC Can Rise to the Privacy Challenge, but Not Without Help From Congress

FTC

Over at Lawfare, I have an essay co-authored by Chris Hoofnagle and Woodrow Hartzog called The FTC Can Rise to the Privacy Challenge, but Not Without Help From Congress.  This piece is also posted at the Brooking Institution’s TechTank.  The essay begins: Facebook’s recent settlement with the Federal Trade Commission (FTC) has reignited debate over whether the […]

ALI Principles of Law, Data Privacy

ALI Principles of Law Data Privacy

I’m thrilled that, the American Law Institute (ALI) has approved the Principles of the Law, Data Privacy. Professor Paul Schwartz and I were co-reporters on the project.  According to the ALI press release: “The Principles seek to provide a set of best practices for entities that collect and control data concerning individuals and guidance for […]

Profiling and the GDPR: An interview with Mark Singer and Raf Sanchez

I had the opportunity to interview Mark Singer and Raf Sanchez, both at Beazley, about the issue of profiling and the GDPR. Mark Singer is a member of the Cyber & Executive Risk Group at Beazley. Mark handles insurance coverage issues arising out of cybersecurity, technology errors and omissions, data privacy, intellectual property, media and advertising liabilities. Raf […]

Anatomy of a Privacy Law

Anatomy of a Privacy Law - Prof Daniel Solove 01

I was recently giving a presentation about new privacy laws, and I created the infographic above to catalog the various elements that privacy laws often have.  Going through this list can help to assess how complete a privacy law is.  For example, the California Consumer Privacy Act (CCPA) is often compared to the General Data […]