Unifying Privacy and Data Security

Chapter 7 of BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT (Oxford University Press 2022)

Boston Univ. School of Law Research Paper No. 4173764

GWU Legal Studies Research Paper No. 2022-54

GWU Law School Public Law Research Paper No. 2022-54

36 Pages Posted: 3 Aug 2022 Last revised: 22 Sep 2022

See all articles by Daniel J. Solove

Daniel J. Solove

George Washington University Law School

Woodrow Hartzog

Boston University School of Law; Stanford Law School Center for Internet and Society

Date Written: July 27, 2022

Abstract

This book chapter discusses the relationship between privacy and data security. Privacy is a key and underappreciated aspect of data security. Right now, there is a schism between privacy and security in companies. Privacy functions are commonly addressed by the compliance and legal departments, while security is handled by the information technology department. The two areas are commonly split apart and rarely speak to each other.

The chapter argues that we should bridge data security and privacy and make them go hand-in-hand in both law and policy. Strong privacy rules help create accountability for the collection, use, and dissemination of personal information and can reduce vulnerabilities and risk by minimizing the use and retention of personal information. Good privacy strengthens security. The chapter specifically focuses on the importance of data minimization and data mapping as privacy practices that have tremendous benefits for data security.

This piece is Chapter 7 of Daniel J. Solove and Woodrow Hartzog's book, BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT (Oxford University Press 2022). In the book, Professors Solove and Hartzog explore the shortcomings of data security law. They argue that the law fails because, ironically, it focuses too much on the breach itself.

Keywords: data security, cybersecurity, data breach, privacy, relationship between privacy and security, data minimization, data mapping

Suggested Citation

Solove, Daniel J. and Hartzog, Woodrow, Unifying Privacy and Data Security (July 27, 2022). Chapter 7 of BREACHED! WHY DATA SECURITY LAW FAILS AND HOW TO IMPROVE IT (Oxford University Press 2022), Boston Univ. School of Law Research Paper No. 4173764, GWU Legal Studies Research Paper No. 2022-54, GWU Law School Public Law Research Paper No. 2022-54, Available at SSRN: https://ssrn.com/abstract=4173764

Daniel J. Solove (Contact Author)

George Washington University Law School ( email )

2000 H Street, N.W.
Washington, DC 20052
United States
202-994-9514 (Phone)

HOME PAGE: http://danielsolove.com

Woodrow Hartzog

Boston University School of Law ( email )

765 Commonwealth Avenue
Boston, MA 02215
United States

HOME PAGE: http://https://www.bu.edu/law/profile/woodrow-hartzog/

Stanford Law School Center for Internet and Society ( email )

Palo Alto, CA
United States

HOME PAGE: http://cyberlaw.stanford.edu/profile/woodrow-hartzog

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
713
Abstract Views
1,474
rank
52,020
PlumX Metrics