PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

OPM Data Breach Fallout, Fingerprints, and Other Privacy + Security Updates

By Daniel J. Solove Co-authored by Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here. We cover health issues in a separate post. News […]

Security Experts Critique Government Backdoor Access to Encrypted Data

by Daniel J. Solove In a recent report (link no longer available), MIT security experts critiqued calls by government law enforcement for backdoor access to encrypted information.  As the experts aptly stated: “Political and law enforcement leaders in the United States and the United Kingdom have called for Internet systems to be redesigned to ensure […]

Mr. Robot: My Review of the New TV Series

by Daniel J. Solove I’ve really been enjoying the new TV series Mr. Robot on USA. Network.  It presents highly-engaging depictions of hacking and social engineering, and it is great entertainment for privacy and security  geeks. The protagonist is Elliot Alderson (played by Rami Malek), a tech who works at a cybersecurity firm in New York City.  […]

The OPM Data Breach: Harm Without End?

By Daniel J. Solove The recent breach of the Office of Personnel Management (OPM) network involved personal data on millions of federal employees, including data related to background checks. OPM is now offering 18 months of free credit monitoring and identity theft insurance to victims. But as experts note in a recent Washington Post article, […]

Boards of Directors Must Grapple with Privacy and Cybersecurity

By Daniel J. Solove Privacy and cybersecurity have become issues that should be addressed at the board level. No longer minor risks, privacy and cybersecurity have become existential issues. The costs and reputational harm of privacy and security incidents can be devastating. Yet not enough boards are adequately engaged with these issues. According to a […]

Big Data, Big Data Breaches, Big Fines and Other Privacy + Security Updates

By Daniel J. Solove Co-authored by Professor Paul Schwartz This post is part of a post series where we round up some of the interesting news and resources we’re finding. This post includes developments from the first part of 2015. For a PDF version of this post, and for archived issues of previous posts, click […]

If the Empire in Star Wars Had Big Data

Star Wars Privacy and Security Awareness Darth Vader

. . . the Empire would have won. A search of records would have revealed where Luke Skywalker was living on Tatooine.  A more efficient collection and aggregation of Jawa records would have located the droids immediately.  Simple data analysis would have revealed that Ben Kenobi was really Obi Wan Kenobi. A search of birth […]

Law Firm Cyber Security and Privacy Risks

law firm data security

By Daniel J. Solove Law firms are facing grave privacy and security risks. Although a number of firms are taking steps to address these risks, the industry as a whole needs to grasp the severity of the risk. For firms, privacy and security risks can be significantly higher than for other organizations. Incidents can be […]

The Worst Password Ever Created

by Daniel J. Solove People create some very bad passwords. In the list of the most popular passwords of 2014, all of them are terrible. Just look at the top 10: 123456 password 12345 12345678 Qwerty 123456789 1234 baseball dragon football