PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Are Many Privacy Violations Also Data Breaches?

Privacy and Security

Data breaches and privacy violations have long been thought of as different things, but actually, there is a lot of overlap. Two recent FTC cases address this issue. These cases involve the Health Breach Notification Rule, 16 CFR Part 318, which covers health data breaches beyond HIPAA. The Rule had long existed, but the FTC […]

The Prediction Society: Algorithms and the Problems of Forecasting the Future

The Prediction Society - Algorithms and the Problems of Forecasting the Future 02

I am excited to share my new paper draft with Hideyuki (“Yuki”) Matsumi, The Prediction Society: Algorithms and the Problems of Forecasting the Future.  The paper is available for free on SSRN. Yuki is currently pursuing a PhD at Vrije Universiteit Brussel. Yuki began his career as a technologist, then turned to law, where he […]

Cybersecurity and Data Security: What Every Lawyer Should Know

I was recently on a terrific panel called Cybersecurity and Data Security: What Every Lawyer Should Know held by Penn State Dickinson Law.  The program focused on the latest developments in cybersecurity and data privacy. The panel was moderated by Professor Daryl Lim, H. Laddie Montague Jr. Chair in Law at Penn St. Dickinson Law. […]

Lawsuits for Wrongful Data Collection – Biometric Data and Beyond: An Interview with Katherine Heaton and Amanda Thai

Powered by recent privacy laws, lawsuits for wrongful data collection have been rapidly increasing. The result is a growing body of caselaw, many unanswered questions, and a new landscape for companies to navigate. I recently had the opportunity to discuss the expanding number of wrongful collection lawsuits with several experts at Beazley. Based in Denver, Katherine […]

Restoring the CDA Section 230 to What It Actually Says

CDA 230 02

When Donald Trump targeted the Communications Decency Act (CDA) Section 230, a debate about the law flared up.  Numerous reforms were proposed, some even seeking to abolish the law.  Unfortunately, the debate has been clouded with confusion and misinformation. Although I disagree with many of the proposals to reform it or abolish Section 230, I […]

The Deal with Data Rights: An Interview with Heather Federman

Numerous privacy laws are requiring that companies provide individuals with data rights — rights to access their data, correct their data, learn about uses of their data, delete their data, and more. Administering these rights can be quite complicated for organizations.  

Top 10 Privacy Law Developments of the Decade 2010-2019

Top 10 Privacy Law Developments of the Decade 2010-2019 02

It is an understatement to say that a lot has happened in privacy law during the past decade. Here is my list of the most notable developments. NOTE: I am giving a particular emphasis to what I find to be notable from a United States perspective.  What is notable privacy law depends upon where one […]

The FTC Can Rise to the Privacy Challenge, but Not Without Help From Congress

FTC

Over at Lawfare, I have an essay co-authored by Chris Hoofnagle and Woodrow Hartzog called The FTC Can Rise to the Privacy Challenge, but Not Without Help From Congress.  This piece is also posted at the Brooking Institution’s TechTank.  The essay begins: Facebook’s recent settlement with the Federal Trade Commission (FTC) has reignited debate over whether the […]