TrustArc Blog

Meet the Leading Players in the Privacy Ecosystem: Daniel J. Solove, Founder, TeachPrivacy

August 12, 2015

Over a hundred organizations are responsible for shaping the future of data privacy. In this new series we’ll profile some of the organizations that are helping to shape the massive privacy ecosystem through the eyes of the professionals that work there and learn more about their perspectives on privacy.

What is your organization’s role in the privacy ecosystem?

TeachPrivacy provides computer-based privacy training and information security awareness training to organizations in a wide array of industries. TeachPrivacy has FERPA training for schools, HIPAA training for healthcare providers and business associates, PCI training for merchants and others handling payment card data, and much more.

What key goals/issues is your organization focused on tackling?

Our goal is to provide training that really makes a difference. Training is one of the most important things an organization can do to mitigate the risk of having a data breach or a privacy incident. I founded TeachPrivacy because I thought that there was a better way to train employees about these issues – to really educate them, to show them why they should care.

My goal is to apply good teaching techniques to training. I learned a lot in teaching as a professor and in speaking to audiences of all types. I aim to create training that is engaging, concrete, vivid, and memorable.

How have your organization’s goals/focus changed over the years to address evolving technologies or challenges?

Our goals have remained stable – we are an education company. Our primary goal is to help organizations educate their workforce about privacy and data security. We want to make the best training we can create.
In the training I develop, I strive to use the techniques that work the best – using stories, interactivity, vivid imagery, varied styles and approaches, immersive experiences, activities, genuine passion, and memorable explanations. There is a timeless quality to these techniques. They have worked for thousands of years.

Looking ahead – what are the most important data privacy issues/concerns you think need to be addressed by the industry and/or government legislation?

It would take many books to answer this question. But one overarching point that I think is essential: The best legislation includes governance provisions – it requires a privacy and security officer, privacy and security programs, routine risk assessments, training, policies and procedures, etc. And there must be good enforcement. Laws without such provisions are often poorly followed.

Read more “Meet the Leading Players in the Privacy Ecosystem: Daniel J. Solove, Founder, TeachPrivacy”

Latest Privacy Insight Series Webinar Addresses FTC Stance on Privacy, Security

July 24, 2015

FTC’s Policies on Privacy and Security

FTC’s Policies on Privacy and Security

The FTC is the leading privacy and security regulator in the U.S. says Daniel J. Solove, a professor at George Washington University Law School who runs a privacy and security training company called TeachPrivacy and organizes the The Privacy + Security Forum conference. Although there is hardly any case law, Solove noted in presenting this webinar, the FTC looms large in practice.

In 1998, only about 2% of websites had some form of privacy policy, now nearly every website has one.

“We’ve seen a huge rise in privacy policies,” Solove says.

In the late 1990s and early 2000s, a debate was raging about how personal information would be protected online. It was argued that self-regulation would work. As a result, companies began to self-regulate their privacy practices by creating their own policies.

Read more “Latest Privacy Insight Series Webinar Addresses FTC Stance on Privacy, Security”