Monthly Archives: November 2013

terry_cutler

Privacy in the age of the hacker: Balancing global privacy and data security law

terry_cutler Privacy in the age of the hacker

Digital Locksmiths CTO Terry Cutler’s work has been featured in Phoenix School of Law 2012 paper called Privacy in the age of the hacker: Balancing global privacy and data security law.

Terry cutler “Was 2011 the Year of the Hacker?, SECURITYWEEK (Jan 2012) https://www.securityweek.com/was-2011-year-hacker

Abstract:
The twin goals of privacy and data security share a fascinating symbiotic relationship: too much of one undermines the other. The international regulatory climate, embodied principally by the European Union’s 1995 Directive, increasingly promotes privacy. In the last two decades, fifty-three countries enacted national legislation largely patterned after the E.U. Directive. These laws, by and large, protect privacy by restricting data processing and data transfers.

At the same time, hacking, malware, and other cyber-threats continue to grow in frequency and sophistication. In 2010, one security firm recorded 286 million variants of malware and reported that 232.4 million identities were exposed. To address these evolving threats, modern security techniques analyze and process massive amounts of data. The Article posits that international law increasingly favors privacy, throwing the symbiotic relationship out of balance. By restricting data processing and by failing to exempt data processing for security purposes, global privacy laws undermine private data by increasing its vulnerability.

Be sure to read

PRIVACY IN THE AGE OF THE HACKER: BALANCING
GLOBAL PRIVACY AND DATA SECURITY LAW by MCKAY CUNNINGHAM

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2138307

TABLE OF CONTENTS

I. INTRODUCTION
II. THE PRIVACY SIDE
A. The Information Age
B. Protecting Private Information
1. Data Privacy Regulation in the European Union
a. Initial Attempts to Protect Private Information
b. The E.U. Directive
i. The Directive’s Requirements
ii. The Directive’s Reach
iii. The Directive’s Reproach
iv. The Directive’s Repercussions
2. Data Privacy Regulation in the United States
a. The Sectoral Approach
b. The Safe Harbor
3. U.S. Resistance to E.U. Privacy Regulation
III. THE SECURITY SIDE
A. The Threat Landscape
1. Cyberwar
2. Consumer Vulnerability
B. U.S. Response to the Threat Landscape
C. Exceptions for National Security
IV. PRIVACY RULES THAT UNDERMINE PRIVACY RIGHTS
A. Too Much Privacy is No Privacy At All
1. Protecting Private Data: Evolving Threats
2. Protecting Private Data: Evolving Methods
B. An Open Window: The European Union’s Proposed Regulation