PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Upcoming Book Reading of The Eyemonger at World Bank Event

I will be speaking on May 19th at 4:30pm EST at a virtual book reading of my children’s book, THE EYEMONGER. The event is hosted by the World Bank Data Privacy Office and the World Bank Group Family Network. How to Be a Privacy Superhero: Defeating Spooky Eyes and Internet Spies Virtual Book Reading of […]

The Impact of the Schrems II Decision: An Interview with Wim Nauwelaerts

Schrems II

In Facebook Ireland Ltd. v. Maximillian Schrems (Schrems II) (July 16, 2020), the European Court of Justice (CJEU) invalidated the Privacy Shield, a widely-used method to transfer personal data from the EU to the US. The decision also put other data transfer mechanisms—Standard Contractual Clauses (SCC) and Binding Corporate Rules (BCRs)—into significant doubt. The court’s concern was the deficiency of […]

How Cyberinsurance Is Responding to Ransomware: An Interview with Ken Suh, Mark Singer, and Marcello Antonucci

Ransomware has long been a scourge, and it has been growing into a pandemic with no signs of slowing down. I recently had the opportunity to discuss ransomware with several experts at Beazley. Based in Chicago, Ken Suh is the focus group leader for cyber & tech claims at Beazley. Mark Singer is a cyber & tech […]

Ransomware and the Role of Cyber Insurance: An Interview with Kimberly Horn

hacker setting up ransomware

Ransomware has long been a scourge, and it’s getting worse. I recently had the chance to talk about ransomware and cyber insurance with Kimberly Horn, the Global Claims Team Leader for Cyber & Tech Claims at Beazley. Kim has significant experience in data privacy and cyber security matters, including guiding insureds through immediate and comprehensive responses to […]

Cartoon on Data Breach

Cartoon Data Security Breach 02 small

This cartoon is about evolution of data breaches, which began to grab headlines back in 2005, thanks in large part to California’s data breach notification law — the first of such laws.  Since that time, every state has passed breach notification laws, and there are breach notification laws sprouting up around the world.  Every day, […]

Speaking at the FTC Hearing on Data Security on December 12

12/13/18 Update: Here is the video from the session described below. On Wednesday, December 12, 2018, I’ll be speaking at the Data Security hearing, part of the FTC Hearings on Competition and Consumer Protection in the 21st Century.  My panel begins at 1:00 PM: The U.S. Approach to Consumer Data Security Wednesday, December 12, 2018 from […]

The Future of Cybersecurity Insurance and Litigation: An Interview with Kimberly Horn

Cybersecurity litigation is currently at a crossroads. Courts have struggled in these cases, coming out in wildly inconsistent ways about whether a data breach causes harm. Although the litigation landscape is uncertain, there are some near certainties about cybersecurity generally: There will be many data breaches, and they will be terrible and costly. We thus […]

Cartoon: Devils of Data Security

Cartoon Devils of Security - TeachPrivacy Security Awareness Training 02 medium

I hope you enjoy my latest cartoon about data security — a twist on the angel on one shoulder and devil on the other.  Humans are the weakest link for data security.  Attempts to control people with surveillance or lots of technological restrictions often backfire.  I believe that the most effective solution is to train […]

Cartoon: Dark Web

Cartoon Dark Web - TeachPrivacy Security Training 03 medium

I hope you enjoy my latest cartoon about passwords on the Dark Web.  These days, it seems, login credentials and other personal data are routinely stocking the shelves of the Dark Web.  Last year, a hacker was peddling 117 million LinkedIn user email and passwords. And, late last year, researchers found a file with 1.4 billion passwords […]

In re Zappos: The 9th Circuit Recognizes Data Breach Harm

Data Breach Harm and Standing: Increased Risk of Future Harm

In In re Zappos.com, Inc., Customer Data Security Breach Litigation (9th Cir., Mar. 8, 2018), the U.S. Court of Appeals for the 9th Circuit issued a decision that represents a more expansive way to understand data security harm.  The case arises out of a breach where hackers stole personal data on 24 million+ individuals.  Although […]