By Daniel J. Solove
Co-authored with Professor Paul Schwartz
This post is part of a post series where we round up some of the interesting news and resources we’re finding. We have split the health/HIPAA material from our updates on other topics. To see our updates for other topics, click here.
For a PDF version of this post, and for archived issues of previous posts, click here.
I am a lover of literature (I teach a class in law and literature), and I also love privacy and security, so I thought I’d list some of my favorite novels about privacy and security.
I’m also trying to compile a more comprehensive list of literary works about privacy and security, and I welcome your suggestions.
By Daniel J. Solove
Co-authored by Professor Paul Schwartz
This post is part of a post series where we round up some of the interesting news and resources we’re finding. This post includes developments from the first part of 2015. For a PDF version of this post, and for archived issues of previous posts, click here.
NOTE: Health privacy and security issues will now be covered in a separate update post.
By Daniel J. Solove
The U.S. Court of Appeals for the 2nd Circuit just issued a 97-page ruling limiting the NSA’s power to sweep up data about people’s phone calls. The case is ACLU v. Clapper, and the court held that the USA Patriot Act Section 215 doesn’t authorize the kind of sweeping collection of phone call metadata that the NSA has been engaging in. The court’s holding is limited to statutory interpretation — the scope of data collection authorized by Section 215. The court doesn’t base its holding on the Fourth Amendment, though it does note the uncertain status of current Fourth Amendment law.
The bottom line is that the NSA has been gathering a lot more data than it has been authorized to gather.
. . . the Empire would have won. A search of records would have revealed where Luke Skywalker was living on Tatooine. A more efficient collection and aggregation of Jawa records would have located the droids immediately. Simple data analysis would have revealed that Ben Kenobi was really Obi Wan Kenobi. A search of birth records would have revealed that Princess Leia was Luke’s sister. Had the Empire had anything like the NSA, it would have had all the data it needed, and it could have swept up the droids and everyone else, and that would have been that.
There is an important lesson to be learned from Star Wars: If you are trying to establish and maintain a ruthless Empire, you can greatly benefit from better data aggregation and analysis.
By Daniel J. Solove
Law firms are facing grave privacy and security risks. Although a number of firms are taking steps to address these risks, the industry as a whole needs to grasp the severity of the risk. For firms, privacy and security risks can be significantly higher than for other organizations. Incidents can be catastrophic. On a scale of 1 to 10, the risks law firms are facing are an 11.
This is not time for firms to keep calm and carry on. The proper response is to freak out.
By Daniel J. Solove
Once upon a time, there was a teacher who wanted to train people. At first, the teacher stated a list of things to do and not do. But this had little effect. The teacher was upset and started to doubt whether he could ever get through to people. But then the teacher tried a new approach – using stories. People remembered the stories, and the training started to change people’s behavior. And the teacher and everyone he taught lived happily ever after.
By Daniel J. Solove
This post is co-authored by Professor Neil Richards
The recent case of Google v. Vidal-Hall in the UK has generated quite a buzz, with Omer Tene calling it the “European privacy judicial decision of a decade.”
The case illustrates several fascinating aspects of the developing global law of privacy, with big implications for online marketing, Big Data, and the Internet of Things.
At first blush, it is easy to see the case as one more divergence between how privacy is protected in the EU and US, with a European Court once again showing how much eager it is to protect privacy than an American one. But the biggest takeaway from the case is not one of divergence; it is one of convergence!
By Daniel J. Solove
When you go to the hospital, you might worry about catching a staph infection or pneumonia, but you should also worry about contracting a nasty case of medical identity theft. Most people suffer significant harm from medical ID theft, and few are completely cured. This ailment is spreading dramatically as data spurts out of healthcare organizations these days as if from a ruptured aorta.
In January of this year, an article citing U.S. Department of Health and Human Services (HHS) statistics noted that in the past 5 years, there have been roughly 120,000 reported data breaches involving HIPAA protected health information. These breaches have involved more than 31 million individuals.
By Daniel J. Solove
Does scholarship really have an impact? For a long time, naysayers have attacked scholarship, especially scholarship about law. U.S. Supreme Court Chief Justice Roberts once remarked: “Pick up a copy of any law review that you see, and the first article is likely to be, you know, the influence of Immanuel Kant on evidentiary approaches in 18th Century Bulgaria, or something.” He noted that when the academy addresses legal issues at “a particularly abstract, philosophical level . . . they shouldn’t expect that it would be of any particular help or even interest to the members of the practice of the bar or judges.” Judge Harry Edwards also has attacked legal scholarship as largely irrelevant.