PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

2024 Highlights: Privacy and AI Scholarship

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 18, 2024

Highlights 2024 Privacy and AI Scholarship

Here’s a roundup of my scholarship for 2024. But first, a preview of my forthcoming book (Feb 2025):

ON PRIVACY AND TECHNOLOGY

(Oxford University Press) – Available for Pre-Order

On Privacy and Technology

From the book jacket:

Succinct and eloquent, On Privacy and Technology is an essential primer on how to face the threats to privacy in today’s age of digital technologies and AI.

With the rapid rise of new digital technologies and artificial intelligence, is privacy dead? Can anything be done to save us from a dystopian world without privacy?

In this short and accessible book, internationally renowned privacy expert Daniel J. Solove draws from a range of fields, from law to philosophy to the humanities, to illustrate the profound changes technology is wreaking upon our privacy, why they matter, and what can be done about them. Solove provides incisive examinations of key concepts in the digital sphere, including control, manipulation, harm, automation, reputation, consent, prediction, inference, and many others.

Compelling and passionate, On Privacy and Technology teems with powerful insights that will transform the way you think about privacy and technology.

Continue Reading

Why Individual Rights Can’t Protect Privacy

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 17, 2024

Why Individual Rights Can't Protect Privacy

Today, the California Privacy Protection Agency (CPPA) published a large advertisement in the San Francisco Chronicle encouraging people to exercise their privacy rights. “The ball is in your court,” the ad declared. (H/T Paul Schwartz)

CPPA ad in the SF Chronicle on individual privacy rights. Photo by Paul Schwartz.

Continue Reading

FERPA & School Privacy

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 17, 2024

FERPA & School Privacy

When it comes to privacy issues, schools are in the Dark Ages. I cannot think of any other industry that is so far behind.

Unfortunately, education privacy often exists below the radar, and this area hasn’t received the attention it needs.

The scope of coverage of the Family Educational Rights and Privacy Act (FERPA) is a challenging issue. It does not cover all information about students. Nor does it cover all information about people that a school maintains. In this newsletter I have gathered some resources on this topic.

Divider 01Continue Reading

Webinar – Privacy Under the Trump Administration

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 13, 2024

Webinar: Privacy Under The Trump Administration

In this webinar, we discuss how privacy issues will fare under the upcoming Trump 2.0 Administration. What will the impact be on FTC privacy enforcement and the FTC surveillance rulemaking effort? How will HIPAA enforcement be affected? Is a federal privacy law more or less likely? What will happen to AI policy? What other privacy issues and policy developments are on the horizon?

Speakers include:

Button Watch Webinar 02

Continue Reading

The Tyranny of Algorithms

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 8, 2024

We live today increasingly under the tyranny of algorithms. They rule over us. They shape what we say and how we interact with each other. They shape behavior. They affect whether people get jobs and other essential things in life. And algorithms kill people.

Algorithms work behind the curtains, cloaked in secrecy, often unaccountable.

Algorithmic Predictions about Human Behavior

Yuki Matsumi and I wrote about the dangers of algorithmic predictions in The Prediction Society: AI and the Problems of Forecasting the Future, 2025 U. Ill. L. Rev. (2025). We argue that algorithms that attempt to forecast the future and impede human autonomy in the process.

Increasingly, algorithmic predictions are used to make decisions about credit, insurance, sentencing, education, and employment. We contend that algorithmic predictions are being used “with too much confidence, and not enough accountability. Ironically, future forecasting is occurring with far too little foresight.”

We contend that algorithmic predictions “shift control over people’s future, taking it away from individuals and giving the power to entities to dictate what people’s future will be.” Algorithmic predictions do not work like a crystal ball, looking to the future. Instead, they look to the past. They analyze patterns in past data and assume that these patterns will persist into the future. Instead of predicting the future, algorithmic predictions fossilize the past. We argue: “Algorithmic predictions not only forecast the future; they also create it.”

Prediction Society - Algorithms and the Problems of Forecasting the Future 08

Additionally, we contend: “Algorithms are not adept at handling unexpected human swerves. For an algorithm, such swerves are noise to be minimized. But swerves are what make humanity different from machines.”

Continue Reading

Cybersecurity and Privacy Resources

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
December 4, 2024

Cybersecurity and Privacy resources

Here are some great cybersecurity and privacy resources.

Continue Reading

Notable Privacy and Security Books 2024

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 29, 2024

Here are some notable books on privacy and security from 2024. To see a more comprehensive list of nonfiction works about privacy and security for all years, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.

Continue Reading

Information Fiduciaries and Privacy

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 26, 2024

Information Fiduciaries and Privacy 02 JPEG

Information fiduciaries have emerged as a major part of the discussion of privacy regulation.  In a nutshell, the information fiduciaries approach aims to apply aspects of fiduciary law to the companies that collect and use our personal data. As one court explained the fiduciary relationship: “A fiduciary relationship is one founded on trust or confidence reposed by one person in the integrity and fidelity of another.  Out of such a relation, the laws raise the rule that neither party may exert influence or pressure upon the other, take selfish advantage of his trust, or deal with the subject matter of the trust in such a way as to benefit himself or prejudice the other except in the exercise of utmost good faith.”  Mobile Oil Corp. v. Rubenfeld, 339 N.Y.S.2d 623, 632 (1972).

The earliest proponent of the idea of viewing companies as information fiduciaries was the late Ian Kerr in 2001, who noted that “some service provider-user relationships display all of the constituent elements of a fiduciary relationship.” See Ian Kerr, The Legal Relationship Between Online Service Providers and Users, 35 Can. Bus. L.J. 419 (2001).

Cover - Digital Person 01In 2004, in my book, The Digital Person: Technology and Privacy In the Information Age (NYU Press 2004) (Amazon) (free digital copy on SSRN), argued that concepts from the law of fiduciary relationships should be applied to situations involving data privacy. (pp. 101-104). I contended that “the law should hold that companies collecting and using our personal information stand in a fiduciary relationship with us.”  I contended that “If our relationships with the collectors and users of our personal data are redefined as fiduciary ones, then this would be the start of a significant shift in the way the law understands their obligations to us. The law would require them to treat us in a different way—at a minimum, with more care and respect. By redefining relationships, the law would make a significant change to the architecture of the information economy.” (p. 104).

Continue Reading

Digital Dossiers and the Aggregation Effect

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 25, 2024

Digital Person 03

Cover - Digital Person 01This year is the 20th anniversary of my first book, The Digital Person: Technology and Privacy In the Information Age (NYU Press 2004) (Amazon) (free digital copy on SSRN). I thought that it would be a great opportunity to engage in a reflection on some of the points I discussed in the book.  Apologies for the self-indulgence.

The key theme in The Digital Person is about the rise of what I call “digital dossiers” – the extensive repositories of personal data about us that are collected and used by large organizations. The government and private industry propelled each other into the digital age and beyond through the collection and use of personal data. At the time I wrote, the story culminated with the rise of the internet. Since that time, new technologies have taken the spotlight – AI, Big Data, smart phones, the Internet of Things, social media, and much more. The book is so old that my publisher long ago allowed me to post the entire digital version online for free. And yet, the basic problems and ideas discussed in the book largely remain the same. There are new chapters in the story, but its direction has been quite predictable. I could practically reissue the book with a new preface that says “I told you so.”

Continue Reading

Cartoon – Notice and Choice

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
November 17, 2024

Cartoon Notice and Choice 02a JPEG

Here’s a new cartoon on the notice-and-choice approach to privacy — the way that many U.S. privacy laws regulate.  Sadly, most of the state laws are based on notice and choice.

Here are some of my recent writings critiquing the notice-and-choice approach:

 

Do you want to use this cartoon in presentations, classes, or newsletters?
Click here to license this cartoon. 

Continue Reading