The newest edition of the Privacy Law Fundamentals by Dan Solove and Paul Schwartz, published in 2017, has a lot to offer and is indeed a great reference book for every privacy professional to have in their library. The book is organized in 13 chapters, covering each sector, including privacy and the media; privacy and law enforcement; national security and foreign intelligence; health privacy; government records; financial data; consumer data; data security; education privacy; employment privacy, and international privacy law.
The book starts with new and leading developments in privacy since its last edition in 2015, covering updates in each of the above-mentioned sectors, and “only the most important of these developments – those that served as turning points or milestones in the law,” such as the well-known case of government’s requesting apple to unlock the iPhone, the Spokeo, Inc. v. Robins case, and the Federal Communications Commission and Federal Trade Commission’s settlement with AT&T over data breaches. In addition, one nice feature of the book is the reference at the end of each chapter of related treaties, books and articles.
For anyone new to privacy law, the book also served as a quick introduction on the background and types of privacy law. Charts and tables are helpful tools to keep you focused from getting lost in the river of privacy legislation. The brief historical timelines of privacy law gives you the holistic view and the reason for where we stand today.
For privacy professionals interested in specific areas can easily find what they’re looking for, as each sector’s chapter began with the essential points. For example, in the health privacy section, it clearly points out one character of HIPAA is that “HIPAA lacks a private right of action.” Followed by detailed laws and rules, the book walks you through each of the key points to get a complete aspect of the sector. Highlighted areas provided handy reference point, such as the FTC’s requirements for companies’ compliance with COPPA. Under the consumer data section, you can also find the details of the federal statues and criminal penalties, federal statues enforcements, etc. The federal statues and preemption table was especially helpful t me. Not only you can easily check by the name of federal statues and the detailed text of preemption clause, you can find the related information at the end of each sector. Furthermore, for security-focused readers, the data-security chapter also offered a complete list of state breach-notification laws, including the state statutes, trigger for notice, exceptions to notice, party to whom notice is required, and whether there is a private right of action.
Besides its rich material for privacy law in U.S. sectors, the book also provides summaries of international privacy laws, especially on the history of European data protection to the latest General Data Protection Regulation (GDPR) and the EU-U.S. Privacy Shield. In addition, privacy law and development from other parts of the world are also included, such as South America, the Middle East, Asia, Australia etc.
Over all, compared to the last edition in 2015, the book improved on its indexing by adding the chapter information on each page’s right panel, assisting the quick navigation of the book. Information is very up to date and clearly stated. This is a guidebook you would want to keep on your desk where it’s easy to reach.
If you want to comment on this post, you need to login.