PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The Ultimate Unifying Approach to Complying with All Laws and Regulations

The Ultimate Unifying Approach to Complying with All Laws and Regulations

Professor Woodrow Hartzog and I have just published our new article, The Ultimate Unifying Approach to Complying with All Laws and Regulations19 Green Bag 2d 223 (2016).  Our article took years of research and analysis, intensive writing, countless drafts, and endless laboring over every word. But we hope we achieved a monumental breakthrough in the law.  Here’s the abstract:

There are countless laws and regulations that must be complied with, and the task of figuring out what to do to satisfy all of them seems nearly impossible. In this article, Professors Daniel Solove and Woodrow Hartzog develop a unified approach to doing so. This approach (patent pending) was developed over the course of several decades of extensive analysis of every relevant law and regulation.

Continue Reading

Teaching Information Privacy Law

Eyes Privacy 01

I originally posted a version of this post more than 10 years ago, in 2005.  I think it is important to re-post it, with a few updates.

I strongly recommend teaching information privacy law in law schools.  I have authored several textbooks in the field, and I know that this might seem like a self-plug.  But I really am a big believer that all law schools should have not just one course on information privacy law, but several — no matter what textbooks are used!

Information privacy law remains a fairly new field, and it has yet to take hold as a course taught consistently in most law schools.  Last year, I wrote a post complaining about the fact that only about 25% of law schools have a course on privacy law. I’m hoping to change all that.

Privacy Law

So if you’re an academic interested in exploring issues involving information technology, criminal procedure, or free speech, you should consider adding information privacy law to your course package.  If you’re a practitioner, consider teaching an information privacy law course as an adjunct.

Here are some reasons to teach the course:

Continue Reading

The Scope and Potential of FTC Data Protection

FTC Privacy and Security

I am pleased to announce the publication of my article, The Scope and Potential of FTC Data Protection., 83 George Washington Law Review 2230 (2015).  I wrote the article with Professor Woodrow Hartzog.

FTC StatueThe article addresses  the scope of FTC authority in the areas of privacy and data security (which together we refer to as “data protection”).  We argue that the FTC not only has the authority to regulate data protection to the extent it has been doing, but that its granted jurisdiction can expand its reach much more. Normatively, we argue that the FTC’s current scope of data protection authority is essential to the United States data protection regime and should be fully embraced to respond to the privacy harms unaddressed by existing remedies available in tort or contract, or by various statutes. In contrast to the legal theories underlying these other claims of action, the FTC can regulate with a much different and more flexible understanding of harm than one focused on monetary or physical injury.

We contend that the FTC can and should push the development of norms a little more (though not in an extreme or aggressive way). We discuss why the FTC should act with greater transparency and more nuanced sanctioning and auditing.

The article was part of a great symposium organized by the George Washington University Law Review: The FTC at 100.

GW Law Review FTC Symposium

Here is a table of contents of the issue, along with links to where you can access each essay and article.

Continue Reading

Does Cybersecurity Law Work Well? An Interview with Ed McNicholas

Cyber Security

“The US is developing a law of cybersecurity that is incoherent and unduly complex,” says Ed McNicholas, one of the foremost experts on cybersecurity law. 

McNicholas is a partner at Sidley Austin LLP and co-editor of the newly-published treatise, Cybersecurity: A Practical Guide to the Law of Cyber Risk (with co-editor Vivek K. Mohan).   The treatise is a superb guide to this rapidly-growing body of law, and it is nicely succinct as treatises go.  It is an extremely useful volume that I’m delighted I have on my desk.  If you practice in this field, get this book.

Continue Reading

Social Dimensions of Privacy

Digital Person 02
I recently received my copy of Social Dimensions of Privacy, edited by Beate Roessler & Dorota Mokrosinska.  The book was published by Cambridge University Press this summer.

Social Dimensions of Privacy ISBN 9781107052376I’m delighted as I look over this book.  The book has a wonderful selection of short philosophical essays on privacy, and I’m honored to be included among the terrific group of chapter authors, who include Anita Allen, Paul Schwartz, Helen Nissenbaum, Judith Wagner DeCew, Kirsty Hughes, Colin Bennett, Adam Moore, and Priscilla Regan, among many others.  Each chapter is succinct and well-chosen.

From the book blurb: “Written by a select international group of leading privacy scholars, Social Dimensions of Privacy endorses and develops an innovative approach to privacy. By debating topical privacy cases in their specific research areas, the contributors explore the new privacy-sensitive areas: legal scholars and political theorists discuss the European and American approaches to privacy regulation; sociologists explore new forms of surveillance and privacy on social network sites; and philosophers revisit feminist critiques of privacy, discuss markets in personal data, issues of privacy in health care and democratic politics. The broad interdisciplinary character of the volume will be of interest to readers from a variety of scientific disciplines who are concerned with privacy and data protection issues.”

My chapter is entitled “The Meaning and Value of Privacy.”

Here’s a full table of contents:

Continue Reading