PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Facebook’s Psych Experiment: Consent, Privacy, and Manipulation

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
July 7, 2014

facebook psych blog 1

by Daniel J. Solove

This weekend, the results of an experiment conducted by researchers and Facebook were released, creating a fierce debate over the ethics of the endeavor. The experiment involved 689,003 people on Facebook whose News Feed was adjusted to contain either more positive or more negative emotional content. The researchers were looking for whether this had an effect on these people’s moods. And it did, albeit a small one. People exposed to more positive content had posts that were more positive, and those exposed to more negative content had posts that were more negative. This was measured by the types of words they used.

The experiment launched a fierce response from critics, some of whom decried it as unethical and creepy. In my view, it isn’t productive to castigate Facebook or the researchers, as the problems here emerge from some very difficult unresolved issues that go far beyond this experiment and Facebook. I want to explore these issues, because I’m more interested in making progress on these issues than on casting stones.

Continue Reading

Privacy and Data Security Violations: What’s the Harm?

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
July 2, 2014

privacy and data security violation blog 1

by Daniel J. Solove

“It’s just a flesh wound.”

Monty Python and the Holy Grail

Suppose your personal data is lost, stolen, improperly disclosed, or improperly used. Are you harmed?

Suppose a company violates its privacy policy and improperly shares your data with another company. Does this cause a harm?

In most cases, courts say no. This is the case even when a company is acting negligently or recklessly. No harm, no foul.

Continue Reading

Does the U.S. Supreme Court’s Decision on the 4th Amendment and Cell Phones Signal Future Changes to the Third Party Doctrine?

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
July 2, 2014

T

by Daniel J. Solove

Today, the U.S. Supreme Court handed down a decision on two cases involving the police searching cell phones incident to arrest. The Court held 9-0 in an opinion written by Chief Justice Roberts that the Fourth Amendment requires a warrant to search a cell phone even after a person is placed under arrest.

The two cases are Riley v. California and United States v. Wurie, and they are decided in the same opinion with the title Riley v. California. The Court must have chosen toname the case after Riley to make things hard for criminal procedure experts, as there is a famous Fourth Amendment case called Florida v. Riley, 488 U,S, 445 (1989), which will now create confusion whenever someone refers to the “Riley case.”

Continue Reading

Being a Juror Can Result in a Huge Loss of Privacy

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
June 30, 2014

being a juror blog 1

by Daniel J. Solove

For trial attorneys, a key component to winning is carefully selecting people for the jury and tailoring arguments to best influence, nudge, or perhaps even manipulate jurors into reaching a particular verdict. As a result, there is a hunger to learn about the private lives of jurors, and serving on a jury can entail a huge loss of privacy.

Continue Reading

How the FTC Can Readily Halt Identity Theft

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
June 16, 2014

ftc halts identity theft blog 1

by Daniel J. Solove

Identity theft is terrible crime, and it can wreak havoc on victims’ lives. In an identity theft, the thief uses a victim’s personal information to improperly access accounts, obtain credit in the victim’s name, or impersonate the victim for other purposes.

But there is an effective way to stop a lot of identity theft, and the legal framework is already in place to do it. In a relatively short time, the Federal Trade Commission (FTC) could prevent a significant amount of identity theft – perhaps even a majority of it – and no new laws need to be passed.

I know that it might be hard to believe – as hard to believe as a suitcase filled with a million dollars just sitting abandoned on the sidewalk – but it is quite true.

Before I explain how, I need to provide some background.

Continue Reading

Is the Right to Be Forgotten Good or Bad? This Is the Wrong Question

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
May 29, 2014

right to be forgotten good or bad blog 1

by Daniel J. Solove

Is the right to be forgotten good or bad?

This is the question many are asking these days in light of the recent EU Court of Justice (ECJ) decision that requires search engines such as Google to remove personal data from search results when people request it. (For more background, I wrote about the ECJ decision last week.)

After the decision was released, critics attacked the right to be forgotten as impractical, undesirable, and antithetical to free speech.

Continue Reading

What Google Must Forget: The EU Ruling on the Right to Be Forgotten

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
May 20, 2014

 

google right to be forgotten blog 1

by Daniel J. Solove

In a momentous decision, the EU Court of Justice has ruled in favor of a Spanish man who sought to have links to his personal data removed from Google search results. Under what has become known as the “right to be forgotten,” EU citizens have a right to the deletion of certain personal data under the EU Data Protection Directive.

The EU Court of Justice has concluded that “the operator of a search engine is obliged to remove from the list of results displayed following a search made on the basis of a person’s name links to web pages, published by third parties and containing information relating to that person, also in a case where that name or information is not erased beforehand or simultaneously from those web pages, and even, as the case may be, when its publication in itself on those pages is lawful.”

Continue Reading

6 Lessons from the Costliest HIPAA Settlement to Date

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
May 20, 2014

Costliest HIPAA Settlement blog 1

by Daniel J. Solove

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced the costliest HIPAA settlement to date — a $4.8 million settlement with New York and Presbyterian Hospital (NYP) and Columbia University (CU). The case involved the disclosure of protected health information on the Internet. Here are some lessons from this latest case:

Continue Reading

Snapchat and FTC Privacy and Security Consent Orders

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
May 19, 2014

snapchat and ftc blog 1

by Daniel J. Solove

Co-authored by Woodrow Hartzog

snapchat and ftc blog 2

The Federal Trade Commission (FTC) recently entered into a consent order with the media service Snapchat for not living up to its promises about how it maintains the privacy and security of user’s data. The FTC order prohibits Snapchat from “misrepresenting the extent to which it maintains the privacy, security, or confidentiality of users’ information” and requires the company “to implement a comprehensive privacy program that will be monitored by an independent privacy professional for the next 20 years.”

Continue Reading

Big Data and Our Children’s Future: On Reforming FERPA

Daniel Solove     @daniel-solove.bsky.social
Founder of TeachPrivacy
May 14, 2014

Double check

by Daniel J. Solove

Last week, the White House released its report, Big Data: Seizing Opportunities, Preserving Values. My reaction to it is mixed. The report mentions some concerns about privacy with Big Data and suggests some reforms, but everything is stated so mildly, in a way designed to please everyone. The report is painted in pastels; it finesses the hard issues and leaves specifics for another day. So it is a step forward, which is good, but it is a very small step, like a child on a beach reluctantly dipping a toe into ocean.

Continue Reading