by Daniel J. Solove
This post was co-authored with Professor Woodrow Hartzog.
This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was the agency that handled such telecommunications issues. Is the FTC supposed to be involved here?
by Daniel J. Solove
Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws.
Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and even if there has been no privacy incident or breach.
What the audits thus far have revealed is quite alarming. I’ll discuss more on that later.
by Daniel J. Solove
The recent cases of Ebola in the United States demonstrate challenges to health privacy in today’s information age — both in preventing employees from snooping into patient information as well as preventing the disclosure of patient identities.
by Daniel J. Solove
Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws.
The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from covered entities when performing functions for them. HIPAA is enforced by the Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS). Additionally, state attorneys general (AGs) may enforce HIPAA – only a few federal privacy laws can also be enforced by state AGs.
by Daniel J. Solove
Are privacy and security laws being enforced effectively? This post is post #3 of a series called Enforcing Privacy and Security Laws.
by Daniel J. Solove
Are privacy and security laws being enforced effectively? This post is post #2 in a series called Enforcing Privacy and Security Laws. See the end of this post for links to other posts in this series.
What kind of sanctions do privacy and security laws use for enforcement? In this post, I will discuss the various tools that are frequently used in the enforcement of privacy/security laws.
by Daniel J. Solove
PART 1
Are privacy and security laws being enforced effectively? This post is part of a series called Enforcing Privacy and Security Laws.
How are privacy and security laws enforced? How should they be enforced? What enforcement works well? What doesn’t? What are the various agencies that are enforcing privacy laws doing? How do the agencies compare in their enforcement efforts?
I plan to explore these questions in a series of posts. Collectively, I’ll call this series “Enforcing Privacy and Security Laws.”
“It is a sexual violation. It’s disgusting.
The law needs to be changed, and we need to change.”
— Jennifer Lawrence on her nude photos being
non-consensually disclosed online
Fairly recently, Jennifer Lawrence’s iCloud account was hacked and her private nude photos were stolen and posted online. She was mortified.
Her case is just one of many, according to Professor Danielle Citron (University of Maryland School of Law), who very recently published a book about online harassment, Hate Crimes in Cyberspace (Harvard University Press 2014).
It is a compelling and provocative book. It is a bold book. And as the recent news stories indicate, it is a book that couldn’t be more timely and more needed. One might think that online harassment is rare. Who would write such mean and vile things? What kind of person would harass Zelda Williams, the daughter of Robin Williams, who was viciously attacked online immediately after her father’s death? Even Caligula would show more humanity.
by Daniel J. Solove
After Apple announced that it wouldn’t provide law enforcement with an easy back door to access data on people’s devices, we heard loud whining coming from the FBI and various security proponents that this would be bad for security.
by Daniel J. Solove
Last week, I gave a keynote address at a conference called Safeguarding Health Information: Building Assurance through HIPAA Security, sponsored by the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services (HHS), Office for Civil Rights (OCR). I’d like to summarize my remarks here for anyone interested who wasn’t able to attend.
Free newsletter with cartoons, writings, events, webinars, training, humor and whiteboards.
