PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Speaking at Privacy Week Event of the Philippines National Privacy Commission

Privacy Week Event by the National Privacy Commission of the Philippines

On May 28, 2021, at 9:30 AM Philippine time (Thursday, May 27 at 8:30 PM Eastern), I will be speaking about “The Myth of the Privacy Paradox” at the Philippines Privacy Week event put on by the Philippines National Privacy Commission (NPC).

My talk will be moderated by Jon Bello, a partner at Medialdea Bello and Suarez Law Offices.

If you’re interested in attending, you can register here.

Continue Reading

Privacy Laws Around the World

Worldwide Privacy Law Project

I am creating courses and whiteboards (1-page summaries) about privacy laws of world countries. I am making a few whiteboards available for free.

Each whiteboard is a 1-page visual summary of a country’s main privacy law. Check them out here!

Colombia Privacy Law Mexico Privacy Law Turkey Privacy Law

Continue Reading

Privacy+Security Forum: May 24-26, 2021

Privacy+Security Forum

Register now for the Privacy+Security Forum Spring Academy (May 24-26, 2021). Our event will be virtual.

We have a great lineup of speakers and keynotes.

We are also going to be using a great new networking platform so you can catch up with friends at virtual tables.

I hope you can join us!

Continue Reading

Video: Dark Patterns – A Conversation with Elkina, Ross, and Solove

Dark Patterns LI Live 03

Please check out the conversation I had with Alexandra Ross and Elena Elkina about dark patterns.

A “dark pattern” is a term coined in 2010 by  Harry Brignull, who defined it as “a user interface that has been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills.” The California Privacy Rights Act (CPRA) defines a “dark pattern” as  “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation.”

Elena is a co-founder of Aleada Consulting, a woman and minority owned privacy consulting firm in Silicon Valley which helps clients a wide array of important privacy matters (data mapping, DPIAs, DSARs, compliance with HIPAA, CCPA, GDPR, etc.). Alexandra is Director, Senior Data Protection, Use & Ethics Counsel at Autodesk. She is also the founder of The Privacy Guru.

For more background about dark patterns, please see my recent post for Dark Patterns Reading List and Resources. In this post, I provide a list of useful articles, writings, websites, videos, and other resources on dark patterns.

Also check out Elena’s blog post about dark patterns and the CPRA: New Privacy Regulations – California’s Dark Patterns Ban

Continue Reading

Upcoming LinkedIn Live Conversation on Dark Patterns

LinkedIn Live Conversation on Dark Patterns

I will be having a LinkedIn Live session on Tuesday, May 11, at 1 PM Eastern:

Dark Patterns: A Conversation with Elena Elkina, Alexandra Ross,
and Daniel Solove

Tuesday, May 11 at 1 PM Eastern

I’ll be speaking with:

Elena Elkina

Elena is a a co-founder of Aleada Consulting, a woman and minority owned privacy consulting firm in Silicon Valley which helps clients a wide array of important privacy matters (data mapping, DPIAs, DSARs, compliance with HIPAA, CCPA, GDPR, etc.).

Alexandra Ross

Alexandra is Director, Senior Data Protection, Use & Ethics Counsel at Autodesk.

Watch it here. It’s free.

UPATE: The video is archived here.

Continue Reading

Upcoming Book Reading of The Eyemonger at World Bank Event

I will be speaking on May 19th at 4:30pm EST at a virtual book reading of my children’s book, THE EYEMONGER.

The event is hosted by the World Bank Data Privacy Office and the World Bank Group Family Network.

How to Be a Privacy Superhero: Defeating Spooky Eyes and Internet Spies
Virtual Book Reading of The Eyemonger
Wed, May 19, 2021, from 4:30 PM to 5:30 PM EST

To attend, RSVP here. After you RSVP, a Zoom link will be sent to you.

If you’re interested in children’s privacy, I created a page of resources about children’s privacy for educators and parents here.

Continue Reading

Talking to Kids About Privacy Event

FPF and Common Sense Media Event - Talking to Kids About Privacy
I will be speaking at an event organized by the Future of Privacy Forum (FPF) and Common Sense Media about talking to kids about privacy.  There is a great lineup of speakers.

Talking to Kids About Privacy
May 13 from 12:00-1:00 Eastern

The event site is here. You can register here.

Speakers

  • Rob Girling, Co-Founder, Artefact Group
  • Sonia Livingstone, Professor of Social Psychology, London School of Economics and Political Science (LSE)
  • Kelly Mendoza, Vice President, Education Programs, Common Sense Media
  • Anna Morgan, Head of Legal, Deputy Commissioner, Irish Data Protection Commission (DPC)
  • Daniel Solove, Professor of Law, George Washington University Law School; Founder, TeachPrivacy

Moderator

  • Amelia Vance, Director, Youth and Education Privacy, Future of Privacy Forum (FPF)

If you’re interested in children’s privacy, I created a page of resources about children’s privacy for educators and parents here.

Continue Reading

Podcast Interview with Information and Privacy Commissioner of Ontario on Privacy and Children

Teaching kids about privacy

On this podcast, Info Matters, I chat with Patricia Kosseim, Information and Privacy Commissioner (IPC) of Ontario, Canada about kids and privacy and my children’s book on privacy, THE EYEMONGER.

Episode Summary: Parents, kids, teachers, this one’s for you! Explaining privacy in a way that kids can understand — concepts and tools you can use to start discussing this very important topic from a young age. Conversation with international privacy expert Daniel Solove with highlights from his children’s book The Eyemonger.

If you’re interested in children’s privacy, I created a page of resources about children’s privacy for educators and parents here.

Continue Reading

Dark Patterns Reading List and Resources

Dark Patterns List of Resources

Dark patterns are starting to receive increased regulatory attention, which is a welcome development in the evolution of privacy law. Here’s a dark patterns resource and reading list.

What Are “Dark Patterns”?

Harry Brignull coined the term “dark pattern” in 2010, defining it as “a user interface that has been carefully crafted to trick users into doing things, such as buying insurance with their purchase or signing up for recurring bills.” He now has a site devoted to dark patterns.

Regulating Dark Patterns

Dark patterns are increasingly becoming a focus of regulation. Regulators have long been reluctant to regulate technological design, but increasingly the reality is becoming clear: To effectively protect privacy, design must be regulated. The term “dark patterns” is catching on, and regulators are increasingly emboldened to regulate. It’s far more palatable to try to stop “dark patterns” than it is to restrict certain “technological designs.”

Under the California Privacy Rights Act (CPRA), the use of dark patterns to obtain consent will render consent invalid. A dark pattern is “a user interface designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision-making, or choice, as further defined by regulation.” The privacy bill pending in the State of Washington seeks to restrict dark patterns. The FTC will be holding a dark patterns workshop later this month.

Dark Patterns Reading List and Resources

Here’s a list of resources about dark patterns that are worth attention:

Continue Reading

Cartoon: Data Ethics

Cartoon Data Ethics - TeachPrivacy Privacy Training 01 small

This cartoon is about “data ethics,” a term for when companies make an effort to review the ethical ramifications of their activities involving personal data. I generally applaud looking at ethics broadly because it avoids being unduly constrained in its focus by narrow conceptions of privacy.  But there often isn’t sufficient rigor in the analysis of data ethics.

Ultimately, companies are formed to make a profit. We must not forget their true nature. A tiger can snuggle with you like a kitten, but it is still a tiger. Corporations can act ethically, but their nature is to make profits. When profits conflict with ethics, it’s hard for companies to resist the pull of their nature. This is why regulation is a necessity.

We should reward companies for acting ethically. But just as with the snuggly tiger, we shouldn’t ever let our guard down.

Continue Reading