PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Lawsuits for Wrongful Data Collection – Biometric Data and Beyond: An Interview with Katherine Heaton and Amanda Thai

Lawsuits for Wrongful Data Collection

Powered by recent privacy laws, lawsuits for wrongful data collection have been rapidly increasing. The result is a growing body of caselaw, many unanswered questions, and a new landscape for companies to navigate.

I recently had the opportunity to discuss the expanding number of wrongful collection lawsuits with several experts at Beazley. Based in Denver, Katherine Heaton is the Focus Group Leader for Cyber Services and InfoSec at Beazley. Amanda Thai is a Cyber TPL Specialist in Beazley’s New York office.

Continue Reading

Cartoon – Phishing Emails

Cartoon Phishing Email - TeachPrivacy Data Security Training 02 small

This cartoon involves a common phishing scam – the inheritance email. For decades, phishers have been sending out the same email scams. One would think that after a while, people would learn about the common scams, and they wouldn’t work anymore. Unfortunately, people keep falling for the same scams over and over again.  Even a very low response rate still works for hackers because they send out their email messages so widely.

Continue Reading

Webinar – Privacy and Innovation: Strategies for Privacy Analyses of New Technologies

If you couldn’t make it to my webinar to discuss privacy and innovation, you can watch the replay here.   David Keating (Alston & Bird), Ashley Massengale (Porsche) and Nameir Abbas (Okta), and I discussed practical approaches and tips for assessments of new technologies under privacy regulatory standards.

Button Watch Video 01

Continue Reading

Webinar: Cross-Border Data Transfers: What’s Next?

Webinar Cross-Border Data Transfers 03

 

If you couldn’t make my webinar to discuss cross-border data transfers, you can watch the replay here. Justin Antonipillai of Wirewheel, Josh Harris of BBB National Programs and I discussed the new framework between the US and the EU for cross-border data transfers as well as the CBPRs.  We also discussed steps that companies should take today and what to expect in the future.

Button Watch Video 01

 

 

Continue Reading

The Best Books About Privacy

Best Privacy Books

I was invited by Shepherd to list my recommendations for the 5 best books about privacy. Shepherd is a site that posts lists of best books recommended by experts about various topics. It has excellent lists.

I was delighted to have the chance to share my admiration for superb books by Woodrow Hartzog, Danielle Citron, Neil Richards, Anita Allen, and Ari Waldman. There are many other excellent books about privacy, but I was asked to list just 5, so I had to exclude many other very worthy works.

Best Privacy Books 02

Best Privacy Books Covers

At my list of best privacy books at Shepherd, I describe how I became interested in the privacy field, and I provide short explanations for why I chose each book.

Continue Reading

Key Quotes from BREACHED!

Breached - Solove and Hartzog 11

Professor Woodrow Hartzog and I selected some key quotes from our new book, BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT (Oxford University Press 2022).

The Law’s Obsessive and Unproductive Focus on Data Breaches

“Too much of the current law of data security places the breach at the center of everything. Turning data security law into the “law of breaches” has the effect of over-emphasizing the conduct of the breached entities while ignoring the other actors and factors that contributed to the breach.” (p. 11)

“Data security law has an unhealthy obsession with data breaches. This obsession has, ironically, been the primary reason why the law has failed to stop the deluge of data breaches. The more obsessed with breaches the law has become, the more the law has failed to deal with them.” (p. 39)

“Breaches are already very costly and painful, so when regulators come along and add a little more to the pain, it often is not a game changer. This is especially true because the penalties are often far smaller than the overall costs of the breach.” (p. 55)

Data Security Is a Delicate Balance

“Current data security rules fail to address risk effectively. In many circumstances, the law penalizes breaches with little regard to considerations of risk and balance. Other times, the law levies no penalty against organizations even though their actions created enormous unwarranted risks.” (p. 12)

Continue Reading

Interview: Training Your Company on Privacy and Security Laws

Training Your Company on Privacy and Security Laws

Here is a recording of my interview with Jodi & Justin Daniels of Red Clover Advisors with their series, She Said Privacy/He Said Security,

In this interview I discuss how to educate your team on data privacy and security. I also reveal how to lead engaging training sessions on privacy laws, the different types of privacy laws that employees should be aware of, and tips and tricks on personal security and privacy.

Button Watch Video 01

 

Continue Reading

Video Recording of Debate with Professor Jane Bambauer on State Privacy Laws and the Uniform Personal Data Protection Act

Debate Solove Bambauer 04

Here is the recording of my debate with Prof. Jane Bambauer. We discussed state privacy laws and the pros and cons of the Uniform Law Commissions model privacy law, the Uniform Personal Data Protection Act (UPDPA).

Button Watch Video 01

Related Posts

A Critique of the Uniform Law Commission’s Uniform Personal Data Protection Act

ALI Data Privacy: Overview and Black Letter Text

Continue Reading

An Overview of Privacy Law in 2022

Free download of Chapter 1 of PRIVACY LAW FUNDAMENTALS (6th ed. 2022)

An Overview of Privacy Law

The chapter covers the types of privacy law, provides a list of US federal privacy laws, and includes an historical timeline of major developments in privacy law.

Continue Reading