Here are some of highlights of my privacy training, writing, resources, and humor from 2019.
2019 Highlights in Privacy Training, Writing, Resources, and Humor
- SHARE:
-
-
-
-
Top 10 Privacy Law Developments of the Decade 2010-2019
It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments.
NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective. What is notable privacy law depends upon where one is situated. For example, if one is from a small country, that country’s developments are quite notable even if not well-known on a worldwide stage.
- SHARE:
-
-
-
-
What Should Privacy Awareness Training Include?
Privacy awareness training educates an organization’s workforce about the way that the organization protects privacy and the workforce’s role in this endeavor. In this post, I explain what privacy awareness training should include. Privacy awareness training typically covers the following things:
- SHARE:
-
-
-
-
CCPA FAQ
I am pleased to announce my new CCPA FAQ that covers all the key details of the California Consumer Protection Act.
- SHARE:
-
-
-
-
Notable Privacy and Security Books 2019
Here are some notable books on privacy and security from 2019. To see a more comprehensive list of nonfiction works about privacy and security, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.
- SHARE:
-
-
-
-
Cartoon: Facial Recognition
Facial recognition technology involves using algorithms to identify people based on their faces. Distinctive details about people’s faces are compiled into “face templates,” which are then stored in a database and used to find facial matches,
Facial recognition is quickly being deployed by many companies for various purposes, such as authenticating identity (unlocking smart phones) and identifying people in photos. Other uses include using the data to track people’s location and behavior. Facial recognition technology also can detect people’s emotions – an ability that could be used to manipulate people.
- SHARE:
-
-
-
-
An Open Letter to Law School Deans about Privacy Law Education in Law Schools
UPDATE: A follow-up letter was sent to all U.S. law school deans in 2023. Read more about the follow-up letter here.
Recently a group of legal academics and practitioners in the field of privacy law sent a letter to the deans of all U.S. law schools about privacy law education in law schools. My own brief intro about this endeavor is here in italics, followed by the letter. The signatories to the letter have signed onto the letter, not this italicized intro.
Although the field of privacy law grown dramatically in past two decades, education in law schools about privacy law has significantly lagged behind. Most U.S. law schools lack a course on privacy law. Of those that have courses, many are small seminars, often taught by adjuncts. Of the law schools that do have a privacy course, most often just have one course. Most schools lack a full-time faculty member who focuses substantially on privacy law.
This state of affairs is a great detriment to students. I am constantly approached by students and graduates from law schools across the country who are wondering how they can learn about privacy law and enter the field. Many express great disappointment at the lack of any courses, faculty, or activities at their schools.
- SHARE:
-
-
-
-
Cartoon: The Travails of CCPA Compliance
This cartoon depicts the travails of complying with the CCPA as it rapidly evolves. The CCPA originated when a referendum regarding consumer privacy rights was scheduled to be on the ballot in November 2018. Alastair Mactaggart, the referendum’s sponsor, offered to withdraw it if California passed a law. So, in the summer of 2018, the California legislature passed the CCPA in an all-out dash to beat the deadline for the referendum’s withdrawal
Businesses scrambled to get ready to comply for the CCPA’s effective date – January 2020. Being ready to comply with the CCPA requires quite a lot of work. Further complicating compliance, the CCPA is riddled with ambiguities and difficult tradeoffs between privacy and data security.
- SHARE:
-
-
-
-
Cartoon: Social Media
It is hard to imagine a world without social media. People are increasingly relying on social media to maintain friendships, share photos and happenings with family, and keep current with the news. But there’s a dark side – more superficial relationships, cyberbullying, harassment, hate speech, and manipulation. Social media has become a cesspool of lies and misinformation campaigns, a place where radicalized hate groups can spread their venom, recruit more members, and rally their followers to attack.
Several prominent social media sites are struggling to figure out what to do. In the early days of the commercial Internet (mid 1990s through early 2000s), idealists pushed a vision of the Internet as a free speech zone. Bad speech would be countered and beaten by good speech, lies would be defeated by truth, and freedom and happiness would reign. Platforms could just remain neutral and rarely intervene. They could mainly let the battles be fought, with the faith that eventually the forces of good would win out over the forces of evil.
But this view is naive. We have seen in the past 10-15 years that lies, hate, harassment, defamation, invasion of privacy, and many other social ills are festering online. Social media platforms must wake up and realize that the earlier idealism isn’t the direction reality is taking us. A position of neutrality isn’t appropriate. Platforms must intervene more; they must govern.
Social media platforms currently lack much experience and skill with governance. They don’t have enough personnel who have the background to formulate wise rules, procedures, and due process. But the call for platforms to govern is increasing in volume, and they can’t keep avoiding it. This is why social media companies should start hiring more people in the humanities, who often have a background in thinking about complicated moral and philosophical issues.
- SHARE:
-
-
-
-
Cartoon: Data Use and Transparency
Wouldn’t it be nice if companies were completely transparent in their privacy notices? Typically, privacy notices are filled with long clunky prose that manages to say hardly anything meaningful to consumers. These notices are written by lawyers who carefully craft every sentence so that they won’t pin down a company. The drafters of privacy notices do this because it is difficult to anticipate all the uses of personal data that might be fruitful in the future. Companies want to avoid making promises that are too limiting of how they might use personal data. This could tie their hands in the future, making them less nimble in the dynamic and fast-paced world of business in the digital age.
From a business standpoint, having greater room to use personal data in different ways is a great benefit. From a consumer standpoint, consumers are not adequately informed about how their data is being used.
Additionally, companies often have many different things going on with personal data, and there frequently isn’t a strong enough central command structure to oversee everything that’s happening. Companies aren’t evil in all of this, but the interests of companies and those of consumers are often not fully aligned.
- SHARE:
-
-
-
-