PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Webinar: GDPR Enforcement, Trump 2.0, and Max Schrems Blog

Webinar - GDPR Enforcement Trump 2.0 Max Schrems 02 JPG

In this webinar, Professor Daniel Solove discusses with Max Schrems the future of EU-US data transfers in light of the Trump Administration’s actions regarding the PCLOB and the authoritarian turn in the US government.  The discussion also includes GDPR enforcement and class actions in the EU.

Speakers include:

Button Watch Webinar 02

Continue Reading

Webinar: State Privacy Legislation 2.0 Blog

In this webinar, Professor Daniel Solove discusses with Representative Monique Priestley (Vermont Legislature) the future direction of state privacy laws. Should state privacy laws continue to follow the traditional model? Should they take a data minimization approach? Should they include private rights of action? Additionally, the discussion will explore the practical realities of the state legislative process.

Speakers include:

Button Watch Webinar 02

Continue Reading

Review of On Privacy and Technology by Kirkus Reviews

ON PRIVACY AND TECHNOLOGY Kirkus Reviews

I’m very pleased about the review of my new book, ON PRIVACY AND TECHNOLOGY, by Kirkus Reviews: 

Solove reflects on the challenges posed by technology to privacy.

According to the author, a law professor specializing in intellectual property, the “dizzying pace of changing technologies” constitutes a profound challenge to the protection of privacy, one that largely has not been met with an adequate response. In the European Union, the General Data Protection Regulation of 2016 is a “grand achievement” and a “terrific law,” per Solove, but it still does not do enough, and the many laws around the globe modeled upon it are considerably less effective. At the heart of the problem, the author argues with an impressive blend of provocation and prudence, is a lot of muddled thinking about privacy—more specifically, the employment of metaphors that confuse rather than clarify. (For example, artificial intelligence is simply not intelligence—it’s just a lot of “math plus data.”) Moreover, contrary to the dystopian narrative famously proposed by George Orwell in 1984, the author observes that the surveillance of individuals is rarely noticed, and almost no one feels inhibited by it. In fact, Solove posits, the entire discussion about privacy is usually misconceived, and his searching treatise aims to set clear parameters for future debate. Ultimately, the author contends that protecting privacy is really about power: “The law can naively hope that virtue or restraint will do the work of regulation, that organizations will just do the right thing, that the lion will lay down with the lamb. In reality, however, power rarely yields to anything except power.” Solove is the Eugene L. and Barbara A. Bernard Professor of Intellectual Property and Technology Law at the George Washington University Law School, and his expertise is beyond reproach. He’s been thinking about this important issue for a quarter century, and as a result his reflections achieve an admirable depth. For such a brief study—the book is not much longer than 100 pages—an extraordinary expanse of intellectual territory is traversed with rigor and subtlety.

A stimulating overview of one of the central issues of our time.

 

Order
ON PRIVACY AND TECHNOLOGY


Continue Reading

ON PRIVACY AND TECHNOLOGY – Video Trailer

ON PRIVACY AND TECHNOLOGY Video Trailer

I recently released a trailer for my new book, On Privacy and Technology.

Can law protect privacy and keep pace with new technologies, especially AI? The oft-heard answer is no – the law is too slow; policymakers lack sufficient expertise to regulate technology; and regulation will stifle innovation. In my short and accessible book, I argue that these views are wrong. There are effective ways to regulate technology, and they involve reigning in the power of Big Tech and holding companies accountable for the harms they cause.

Learn more about my new book in this video trailer.

 

Order
ON PRIVACY AND TECHNOLOGY


Continue Reading

U.S. State Privacy Laws: Making Sense of the Mess

  U.S. State Privacy Laws: Making Sense of the Mess

The year kicked off with several privacy laws coming into effect, and there are several more scheduled to become active this year. Here’s a current list:

Iowa (January 1, 2025)
Delaware (January 1, 2025)
Nebraska (January 1, 2025)
New Hampshire (January 1, 2025)
New Jersey (January 15, 2025)
Tennessee (July 1, 2025)
Minnesota (July 31, 2025)
Maryland (October 1, 2025)

Continue Reading

Artificial Intelligence and Privacy – FINAL VERSION

Article Artificial Intelligence and Privacy Final Version

I’m delighted to share the newly-published final version of my article:

Artificial Intelligence and Privacy
77 Florida Law Review 1 (2025)

The article aims to provide the conceptual and practical ground work for how to understand the relationship between AI and privacy as well as provide a roadmap for how privacy law should regulate AI.

Abstract:

This Article aims to establish a foundational understanding of the intersection between artificial intelligence (AI) and privacy, outlining the current problems AI poses to privacy and suggesting potential directions for the law’s evolution in this area. Thus far, few commentators have explored the overall landscape of how AI and privacy interrelate. This Article seeks to map that territory.

Some commentators question whether privacy law is appropriate for addressing AI. In this Article, I contend that although existing privacy law falls far short of resolving the privacy problems with AI, privacy law properly conceptualized and constituted would go a long way toward addressing them.

Privacy problems emerge with AI’s inputs and outputs. These privacy problems are often not new; they are variations of longstanding privacy problems. But AI remixes existing privacy problems in complex and unique ways. Some problems are blended together in ways that challenge existing regulatory frameworks. In many instances, AI exacerbates existing problems, often threatening to take them to unprecedented levels.

Overall, AI is not an unexpected upheaval for privacy; it is, in many ways, the future that has long been predicted. But AI glaringly exposes the longstanding shortcomings, infirmities, and wrong approaches of existing privacy laws.

Ultimately, whether through patches to old laws or as part of new laws, many issues must be addressed to confront the privacy problems that AI is affecting. In this Article, I provide a roadmap to the key issues that the law must tackle and guidance about the approaches that can work and those that will fail. 

Download Button
Continue Reading

The Prediction Society: AI and the Problems of Forecasting the Future – FINAL VERSION

Article The Prediction Society
I’m thrilled to announce the release of the final version of my article.

The Prediction Society: AI and the Problems of Forecasting the Future

2025 Illinois Law Review 1 (2025)

 

Abstract:

Predictions about the future have been made since the earliest days of humankind, but today, we are living in a brave new world of prediction. Today’s predictions are produced by machine learning algorithms that analyze massive quantities of personal data. This type of algorithm is commonly referred to as artificial intelligence (AI). Increasingly, important decisions about people are being made based on these algorithmic predictions.

Algorithmic predictions are a type of inference. Many laws struggle to account for inferences, and even when they do, the laws lump all inferences together. But as we argue in this Article, predictions are different from other inferences. Predictions raise several unique problems that current law is ill-suited to address. First, algorithmic predictions create a fossilization problem because they reinforce patterns in past data and can further solidify bias and inequality from the past. Second, algorithmic predictions often raise an unfalsifiability problem. Predictions involve an assertion about future events. Until these events happen, predictions remain unverifiable, resulting in an inability for individuals to challenge them as false. Third, algorithmic predictions can involve a preemptive intervention problem, where decisions or interventions render it impossible to determine whether the predictions would have come true. Fourth, algorithmic predictions can lead to a self-fulfilling prophecy problem where they actively shape the future they aim to forecast.

More broadly, the rise of algorithmic predictions raises an overarching concern: Algorithmic predictions not only forecast the future but also have the power to create and control it. The increasing pervasiveness of decisions based on algorithmic predictions is leading to a prediction society where individuals’ ability to author their own future is diminished while the organizations developing and using predictive systems are gaining greater power to shape the future.

Privacy and data protection law do not adequately address algorithmic predictions. Many laws lack a temporal dimension and do not distinguish between predictions about the future and inferences about the past or present. Predictions about the future involve considerations that are not implicated by other types of inferences. Many laws provide correction rights and duties of accuracy that are insufficient to address problems arising from predictions, which exist in the twilight between truth and falsehood. Individual rights and anti-discrimination law also are unable to address the unique problems with algorithmic predictions.

We argue that the use of algorithmic predictions is a distinct issue warranting different treatment from other types of inference. We examine the issues laws must consider when addressing the problems of algorithmic predictions.

Download Button

Continue Reading

Privacy Scholarship News

Privacy Scholarship News

I have a few items of scholarship news to share.

Divider 01

SSRN Downloads: A Personal Milestone

Daniel Solove SSRN 550K

I’m excited and grateful for this article discussing a milestone I reached by surpassing 500K SSRN downloads. The only other law professor with more than 500K downloads is Cass Sunstein.

Check out the article for more details.

Divider 01

Continue Reading

Webinar – AI and Privacy Collide: Why 2025 Will Rewrite the Rules Blog

Webinar AI and Privacy Collide

AI presents significant challenges to privacy. How should the clash be resolved?  This webinar covers the key events of 2024 and why 2025 will be a pivotal year for rewriting the rules for AI and privacy. We discussed conflicting regulatory trends, such as the dramatic rise of AI bills in the U.S. states, the increasing regulation of AI in the EU and around the world, and the new administration’s deregulatory agenda.

Speakers include:

 

Button Watch Webinar 02

Continue Reading