Archive of all posts about data security by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
For several years, I have been posting about notable books on privacy and security, and this post lists some of the notable books from 2015. To see a more comprehensive list of nonfiction works about privacy and security, you might consult this resource page that Professor Paul Schwartz and I maintain: Nonfiction Privacy + Security […]
By Daniel J. Solove The SplashData annual list of the 25 most widely used bad passwords recently was posted for passwords used in 2015. The list is compiled annually by examining passwords leaked during a particular year. Here is the list of passwords for 2015, and below it, I have some thoughts and reactions to […]
Professor Woodrow Hartzog and I have just published our new article, The Ultimate Unifying Approach to Complying with All Laws and Regulations, 19 Green Bag 2d 223 (2016). Our article took years of research and analysis, intensive writing, countless drafts, and endless laboring over every word. But we hope we achieved a monumental breakthrough in the […]
By Daniel J. Solove ProPublica has been running a series of lengthy articles about HHS Office for Civil Rights (OCR) enforcement that are worth reading. A Sustained and Vigorous Critique of OCR HIPAA Enforcement A ProPublica article from early in 2015 noted that HIPAA fines were quite rare. The article noted that from 2009 through […]
I am pleased to announce the publication of my article, The Scope and Potential of FTC Data Protection., 83 George Washington Law Review 2230 (2015). I wrote the article with Professor Woodrow Hartzog. The article addresses the scope of FTC authority in the areas of privacy and data security (which together we refer to as […]
I’ve been going through my blog posts from 2015 to find the ones I most want to highlight. Here are some selected posts about security: The Worst Password Ever Created Should the FTC Kill the Password? The Case for Better Authentication
Ransomware is one of the most frightening scourges to hit the Internet. Ransomware is a form of malware (malicious code) that encrypts a person’s files and demands a ransom payment to decrypt them. If the money isn’t paid, the encryption keys are destroyed, and the data is lost forever. Ransomware began to emerge in 2009, […]
By Daniel J. Solove Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka. Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.” After the Paris attacks, national security proponents in the US and abroad have been […]
“The US is developing a law of cybersecurity that is incoherent and unduly complex,” says Ed McNicholas, one of the foremost experts on cybersecurity law. McNicholas is a partner at Sidley Austin LLP and co-editor of the newly-published treatise, Cybersecurity: A Practical Guide to the Law of Cyber Risk (with co-editor Vivek K. Mohan). The […]
By Daniel J. Solove It is essential that children learn about data privacy and security. Their lives will be fully enveloped by technologies that involve data. But far too little about these topics is currently taught in most schools. Fortunately, there is a solution, one that I’m proud to have been involved in creating. The […]