I originally posted a version of this post more than 10 years ago, in 2005. I think it is important to re-post it, with a few updates.
I strongly recommend teaching information privacy law in law schools. I have authored several textbooks in the field, and I know that this might seem like a self-plug. But I really am a big believer that all law schools should have not just one course on information privacy law, but several — no matter what textbooks are used!
Information privacy law remains a fairly new field, and it has yet to take hold as a course taught consistently in most law schools. Last year, I wrote a post complaining about the fact that only about 25% of law schools have a course on privacy law. I’m hoping to change all that.
So if you’re an academic interested in exploring issues involving information technology, criminal procedure, or free speech, you should consider adding information privacy law to your course package. If you’re a practitioner, consider teaching an information privacy law course as an adjunct.
Here are some reasons to teach the course:
1. It’s fresh.
There’s a new privacy story nearly every second. The field changes quickly. Students are fascinated by the topic. Lively cases and fascinating issues abound. There’s barely a dull moment in the course. Every topic is interesting. There is no rule against perpetuities to cover!
The field is growing dramatically, and there are lots of jobs out there. Breaking into the field can be a bit challenging because employers want some experience practicing in the field first, but there are ways to get in the door. If you’re interested, I wrote a post not too long ago about advice about how to enter the field. And once in the door, the demand for privacy lawyers is huge! There are plenty of great internships and fellowships for students and recent graduates.
Each year, there is tremendous growth in the number of privacy professionals. Most major companies have not just a Chief Privacy Officer (CPO) but entire teams of people who handle privacy matters. Financial institutions must have a privacy officer per Gramm-Leach-Bliley Act. Health institutions must have a privacy officer per HIPAA regulations. The International Association of Privacy Professionals (IAPP), the professional association for those in the field, has grown astronomically over the course of the past decade. It now has more than 20,000 members, and each year grows by leaps and bounds.
3. The law is growing as if on steroids.
For the past few decades, privacy law has grown so fast that it must be illegal. Regulators continue to expand their enforcement into privacy and cybersecurity matters. Many new laws are being passed regarding privacy in the states, as well as at the federal level. For example, in 2005, only California had a data breach notification statute. Now, more than 90% of the states have such a law. There are countless cases being decided. The development of privacy law abroad has been staggering, and the implications for US companies are profound.
4. The field has some staying power.
As long as computers and information remain in fashion, privacy will remain a big issue. It’s not going away . . . the field, that is. Privacy . . . well, that’s a different story. . .
5. There is plenty of material to cover.
My casebook with Professor Paul Schwartz has grown over the course of five editions to be 1200 pages long, and we have to leave so much great material out. When I teach my information privacy law class, I can only cover less than half the book. Because there is so much material to work with, you can teach the course in many different ways and focus on many different issues.
6. There are great synergies between teaching and scholarship.
There’s a lot left to write about in the field, and teaching the course helps tremendously in developing good ideas for scholarship. The community of folks who write in privacy law is wonderful – a really neat group of professors. We love to welcome new folks into this great club.
Additionally, the relationship between practitioners and academics in the field is wonderful. The practitioners really read scholarship and attend academic events. The academics frequently learn from practitioners. In so many other fields, the academics and practitioners live in very separate worlds, but that’s not the case with privacy. There is a real sense among many academics and practitioners that their work will be better if they pay attention to reach other.
7. The course is intellectually rich.
There are countless interesting theoretical issues to ponder. The issues in privacy law are quite challenging — in a fascinating way. The theory doesn’t turn off students — they really dig it. Really!
8. It’s a land of plenty.
The field is very accessible. There are many great books, articles, websites, and other resources in the field. Twitter and LinkedIn abound with people writing about these issues, so there is a never-ending stream of information and discussion about new developments. Once you start teaching, writing, and thinking about privacy, you will feel like you’ve discovered a fertile field that extends to the horizon in every direction.
So think about adding information privacy law to your course package. It’s a rewarding and fascinating course. Many law schools still don’t have a course in the field, and it is my hope that someday it will be offered everywhere.
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. This post was originally posted on his blog at LinkedIn, where Solove is a “LinkedIn Influencer.” His blog has more than 920,000 followers.
Professor Solove is the organizer, along with Paul Schwartz of the Privacy + Security Forum (Oct. 24-26, 2016 in Washington, DC), an annual event that aims to bridge the silos between privacy and security.