Who Can Sue Over Lost or Misused Data?

It’s hardly controversial to say that data breaches are a bad thing for business, resulting in lost customers, lost confidence, and lost credibility.  But what about the lost data?  What kind of consequences come, for instance, when a malicious insider sells vast quantities of customer data, or an outsider exploits a weakness in your security… Read More

A Follow-Up Q&A on LinkedIn v. hiQ

After our discussion of LinkedIn v. hiQ earlier this week, we received a lot of questions from clients and readers about the implications of the case.  We thought it might be easier to compile some of these questions and our responses to continue the conversation about this important case. Q. It seems unfair that hiQ… Read More

Why Deference Matters in Privacy – A Supreme Court Case Study

Summer is always an interesting time for lawyers, because it’s the time of year when the Supreme Court’s term comes to a close and when, typically, they issue their most controversial or difficult rulings.  In fact, the Court sometimes waits until the actual last day of the term before handing out the tough, 5-4 split… Read More

The Challenges of Ethical AI

There have been dozens of articles and news pieces about the need for “ethics in AI” or “ethical AI.”  This (apparently brand new) issue arises from a number of causes, including public concern over facial recognition, the use of automated decisionmaking, and the ongoing public fascination with the darker side of artificial intelligence (see: Black… Read More

Curb Your (AI)nthusiasm

The Boston Dynamics “dogs” have become something of an inside joke around here: any time we want to suggest that an idea, project, or new technology might have worrisome long-term implications, the robotic canines come up in conversation.  Much of it has to do with their somewhat surreal, uncanny valley look, something familiar enough to… Read More

The Joke’s On You

There are times when it’s difficult to pick a topic to write about for this blog, because data privacy and data partnerships are such broad subjects that it’s like selecting from an unlimited menu of issues.  We could discuss GDPR or CCPA or a data breach or technological trends or creating a mutually beneficial data… Read More

The Values Crisis

Let’s talk about values. We sometimes talk about “use cases” for data, which is a shorthand for “how do you intend to make this particular information set perform a new category of work or combine with other information sets to perform a new category of work.”  It’s important, as we discuss in Data Leverage, to… Read More

Through the Glass Darkly

Privacy is an interesting concept, one that both intrigues and baffles us, teasing us with seemingly unanswerable questions.  What does it mean to have privacy, or is it even a commodity capable of possession?  Is it simply the “right to be let alone,” as Warren and Brandeis wrote in their famous Harvard Law Review Article… Read More

We All Care About Data Security, Except When We Don’t

It should be clear by now that we are most comfortable expressing our thoughts in the form of movie quotes, falling as we do into that demographic of Americans who believe that if you can’t say it with a gif from an 80s movie, you don’t need to say it at all. Really, it works… Read More

Key Takeaways from the International Conference of Data Protection and Privacy Commissioners

Last week, I attended the 40th ICDPPC in Brussels, which is the global meeting of all privacy and data security regulators.  The theme of the conference was “Debating Ethics,” and it was a deep dive into the interplay between digital commerce, regulation, and human dignity.  There were representatives from around the globe, of course, but… Read More

The Carpenter Decision

The Supreme Court has issued this year’s most important ruling on privacy in Carpenter v. United States. It is a major development in privacy law, laying the foundation for an interpretation of the Fourth Amendment that protects against generalized government surveillance by electronic means. Together with United States v. Jones, it brings Fourth Amendment jurisprudence into the… Read More

The Scariest Data Breach So Far This Year

I could do a blog exclusively on data breaches because they happen so frequently that I’d never run out of material. Eight hours ago, the Supreme Court of India’s website was hacked, apparently by “HighTech Brazil Hackteam.” I imagine that they’re either a group of highly motivated lawyers or, given their logo, a group of very high teenagers. Read More

GDPR Countdown – Six Weeks to Go

It’s easy to think about data as a depersonalized set of information that we can use for whatever purpose we want. But complying with GDPR will require a change of mind and a change of approach to data, and especially data subjects. Businesses that cannot navigate between unrestrained use of information and the lofty — and potentially unachievable — goals of the GDPR will struggle after May 25. How will you chart your course? Read More