by Daniel J. Solove We’re in the midst of a crisis in data protection. Billions of passwords stolen. . . Mammoth data breaches. . . Increasing threats. . . Malicious hackers . . .
The 2 Essential Ways to Prevent Data Breaches
Category: Data Breach
Posts about Data Breaches by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
The Biggest PR Mistake in Privacy and Data Security Incidents: An Interview with PR Expert Melanie Thomas
by Daniel J. Solove It happens all the time. An organization has a privacy incident or data breach. The news stories proliferate. Cries of “shame on you” reverberate across the Internet. A number of organizations have an incident response plan, but they often don’t have much of a plan for PR. Certain incidents can take […]
How Should the Law Handle Privacy and Data Security Harms?
by Daniel J. Solove In three earlier posts, I’ve been exploring the nature of privacy and data security harms. In the first post, Privacy and Data Security Violations: What’s The Harm?, I explored how the law often fails to recognize harm for privacy violations and data breaches. In the second post, Why the Law Often […]
Do Privacy Violations and Data Breaches Cause Harm?
by Daniel J. Solove In two earlier posts, I’ve been exploring the nature of privacy and data security harms. Post 1: Privacy and Data Security Violations: What’s The Harm? Post 2: Why the Law Often Doesn’t Recognize Privacy and Data Security Harms In this post, I want to explore two issues that frequently emerge in […]
Why the Law Often Doesn’t Recognize Privacy and Data Security Harms
by Daniel J. Solove In my previous post on privacy/security harms, I explained how the law is struggling to deal with privacy and data security harms. In this post, I will explore why. The Collective Harm Problem One of the challenges with data harms is that they are often created by the aggregation of many […]
Privacy and Data Security Violations: What’s the Harm?
by Daniel J. Solove “It’s just a flesh wound.” – Monty Python and the Holy Grail Suppose your personal data is lost, stolen, improperly disclosed, or improperly used. Are you harmed? Suppose a company violates its privacy policy and improperly shares your data with another company. Does this cause a harm? In most cases, courts […]
6 Lessons from the Costliest HIPAA Settlement to Date
by Daniel J. Solove The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced the costliest HIPAA settlement to date — a $4.8 million settlement with New York and Presbyterian Hospital (NYP) and Columbia University (CU). The case involved the disclosure of protected health information on the Internet. Here […]
Big Data and Our Children’s Future: On Reforming FERPA
by Daniel J. Solove Last week, the White House released its report, Big Data: Seizing Opportunities, Preserving Values. My reaction to it is mixed. The report mentions some concerns about privacy with Big Data and suggests some reforms, but everything is stated so mildly, in a way designed to please everyone. The report is painted […]
One of the Most Important Data Security Cases Was Just Decided: FTC v. Wyndham
by Daniel J. Solove The case has been quite long in the making. The opinion has been eagerly anticipated in privacy and data security circles. Fifteen years of regulatory actions have been hanging in the balance. We have waited and waited for the decision, and yesterday, it finally arrived. The case is FTC v. Wyndham, […]
Duties When Contracting with Data Service Providers
by Daniel J. Solove In the world of data protection, it’s an old story: Personal data gets shared with a third party data service provider, and then something goes wrong at the provider. Whose fault is it? The organization that shared the personal data with the vendor certainly has responsibility, as organizations are generally responsible […]