PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Preparing for GDPR: A Year to Batten Down the Hatches

GDPR Cartoon by Daniel J Solove

The General Data Protection Regulation (GDPR) will go into effect on May 25, 2018.  The GDPR strengthens privacy protections in the EU and includes a number of additional rights and responsibilities.

Continue Reading

Privacy Training for Data Privacy Day

Data Prviacy Data Privacy Awareness Training Courses 01

Data Privacy Day Logo 01

For Data Privacy Day this year, I’m happy to make available for the day two new short privacy training programs I created in collaboration with Intel.  Ordinarily, I require a login to view my training programs, but for this day, I have put them outside the wall for anyone to see.  So click on the programs below to watch them — I’ll keep them up through the weekend.  Then, they’ll go behind the wall, so you’ll need to request an evaluation login to see them afterwards.

NOTE: These programs are now no longer publicly available.  To see them, please contact us.

The first program is a short 2-minute awareness video about Data Retention.

The second program is an 8.5 minute program called Defining Personal Information.  It seeks to explain how to identify personal information, which is a tricky issue because what counts as personal information is not static and is contextual and contingent in some cases.

These programs were created for Intel with their collaboration.  Intel graciously allowed me to add generic versions of these programs to my training course library.   And in support of Data Privacy Day, Intel was encouraging of my making them publicly available.

I. Data Retention

Privacy Awareness Training Module - Data Retention

II. Defining Personal Information

Privacy Awareness Training Module - Defining Personal Information

Continue Reading

“Privacy”: A Unique Play Starring Your Smart Phone

Privacy Awareness

I was fortunate to see James Graham’s incisive play “Privacy” this past Sunday at the Public Theater in New York City.  The play is a witty and immensely engaging examination of all the data being collected about us and being assembled into digital dossiers.  Technology is adeptly woven into the play.  At many points during the production, audience members are asked to use their smart phones.  The script is entertaining and intelligent.  There is never a dull moment, and I was laughing throughout. Continue Reading

Spot the Privacy and Security Risks Training Game

Spot the Risks Privacy and Information Security Awareness Training

I’m pleased to announce a new training program: Spot the Risks: Privacy and Security. The program is a Where’s Waldo style risk-spotting game that takes about 5 minutes to complete.  Trainees are asked to spot the risks in an office.  Feedback is provided about each risk so trainees learn many of the most important best practices.

Continue Reading

New Privacy and Security Awareness Training Programs

security awareness training

I created some new training programs last year, and here are some of the highlights:

Security Training Malware -- Ransomware Attack

The Ransomware Attack (~5 mins)

This short program (~5 minutes) consists of an interactive cartoon vignette about malware.  The program is highly interactive, and trainees engage with a scenario involving ransomware. Although this program involves ransomware, the lessons it teaches apply broadly to all malware.  The program focuses on how to avoid having malware installed on one’s computer and what to do (and not to do) if this ever happens.

Module Lifecycle of Personal Data 01

The Life Cycle of Personal Data (~ 15 mins)

This privacy awareness training course (~ 15 minutes) is a highly-interactive overview of privacy responsibilities and protections regarding the collection, use, and sharing of personal data.  The course has 8 quiz questions. The course tracks the life cycle of personal data, starting from when it is collected or created. The course concludes with a discussion of data retention and destruction.

Continue Reading