Cybersecurity 2019: Data Privacy Trends

April 25, 2019


In 2018, privacy and data security crossed a number of thresholds. In the public mind, through high-profile data breaches and revelations about unexpected uses of personal information, questions of privacy became much more salient. In the legal and regulatory arena, both the GDPR and the California Consumer Privacy Act became clear catalysts for a global transformation in the coming years of privacy practices. Finally, new technologies suggest that flux and complexity we are currently experiencing will continue, as we face new challenges and new threats to privacy.

This collection of essays addresses each of these issues. The essays collected here were each originally published as a series of posts on Foley Hoag’s Security, Privacy, and the Law as part of the blog’s 2019 “Year in Preview” series. Collected here together, they provide a holistic overview of trends affecting organizations managing personal information (and the regulations surrounding them) in 2019 and beyond.

On the enforcement side, Colin Zick, who leads the firm’s Privacy and Data Security practice, provides an overview of the trends in the Health Insurance Portability and Accountability Act (HIPAA), including increased use and exchange of health data, increased sophisticated use of such data, and increased enforcement when health data is mismanaged. Michael Licker gives an overview of the enforcement trends in the hot cryptocurrency and blockchain space, noting that enforcement trends are beginning to create discernable rules of the road in the absence of clearly applicable regulations. Jeremy Meisinger takes a close look at how children’s online privacy is protected, comparing and contrasting the Children’s Online Privacy Protection Act (COPPA) with the GDPR’s protection of minors. And Stephen Bartlett examines trends among state attorney general enforcement, where much of the governmental action has been and continues to be.

Looking at the impact of new technologies and threats, Scott Bloomberg tackles elections and political advertising, noting especially how social media companies are responding to the continuing fallout of the 2016 election. Vivek Krishnamurthy examines artificial intelligence and emerging threats, demonstrating that there are significant privacy questions yet unanswered at the same time that AI is becoming ubiquitous. And Carol Holahan analyzes security threats to the U.S. energy grid, specifically digging into the Federal Energy Regulatory Commission’s issuance of a final rule to modify the North American Electric Reliability Corporation’s Reliability Standards to cyber security incidents.

It is not an overstatement to say that we seem to be entering a new era in privacy and data security, where we think of privacy and security differently and where potentially revolutionary new technologies force us to engage in increasingly more difficult questions. Our hope is that this collection helps you navigate this continuously evolving area.

Download the ebook here.