PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Understanding the FTC on Privacy and Security

Privacy Training Blog FTC

by Daniel J. Solove I recently held a webinar about the Federal Trade Commission (FTC) for TRUSTe called Understanding the FTC on Privacy and Security.   The webinar is free and is archived at TRUSTe’s site. Here is a brief synopsis of the webinar: For the past nearly two decades, the FTC has risen to […]

Going Bankrupt with Your Personal Data

By Daniel J. Solove   A recent New York Times article discusses the issue of what happens to your personal data when companies go bankrupt or are sold to other companies: When sites and apps get acquired or go bankrupt, the consumer data they have amassed may be among the companies’ most valuable assets. And […]

The Worst Password Ever Created

by Daniel J. Solove People create some very bad passwords. In the list of the most popular passwords of 2014, all of them are terrible. Just look at the top 10: 123456 password 12345 12345678 Qwerty 123456789 1234 baseball dragon football

Should the FTC Be Regulating Privacy and Data Security?

by Daniel J. Solove This post was co-authored with Professor Woodrow Hartzog. This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was […]

Who Are the Privacy and Security Cops on the Beat?

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #3 of a series called Enforcing Privacy and Security Laws.

Why Enforce Privacy and Security Laws?

by Daniel J. Solove PART 1 Are privacy and security laws being enforced effectively? This post is part of a series called Enforcing Privacy and Security Laws. How are privacy and security laws enforced? How should they be enforced? What enforcement works well? What doesn’t? What are the various agencies that are enforcing privacy laws […]

How the FTC Can Readily Halt Identity Theft

by Daniel J. Solove Identity theft is terrible crime, and it can wreak havoc on victims’ lives. In an identity theft, the thief uses a victim’s personal information to improperly access accounts, obtain credit in the victim’s name, or impersonate the victim for other purposes. But there is an effective way to stop a lot […]

Snapchat and FTC Privacy and Security Consent Orders

by Daniel J. Solove Co-authored by Woodrow Hartzog The Federal Trade Commission (FTC) recently entered into a consent order with the media service Snapchat for not living up to its promises about how it maintains the privacy and security of user’s data. The FTC order prohibits Snapchat from “misrepresenting the extent to which it maintains […]

Our Privacy and Data Security Depend Upon Contracts Between Organizations

by Daniel J. Solove Increasingly, companies, hospitals, schools, and other organizations are using cloud service providers (and also other third party data service providers) to store and process the personal data of their customers, patients, clients, and others. When an entity shares people’s personal data with a cloud service provider, this data is protected in […]

5 Key Quotes from the FTC v. Wyndham Decision on Data Security

by Daniel J. Solove This post was co-authored by Professor Woodrow Hartzog. The long-awaited federal district court opinion in FTC v. Wyndham was finally released last week. The U.S. District Court for the District of New Jersey rejected Wyndham’s arguments that the FTC lacks the authority to regulate unfair data security practices, that the FTC […]