This page indexes book reviews, blog posts, rants, and other assorted comments.
• Blog Post: Eight Obserevations on the FTC's GoodRx Case (February 2023). Available here. I offer eight mostly snarky observations on the Federal Trade Commission's case against GoodRx. The FTC's action looks better than it was.
• Blog Post: Defining Health Data: A Major Challenge for any Privacy Law. (June 2022). Available here. The post explores the difficulty of defining health data in a privacy law when there is no context for the data. Anything can be health data under the right circumstances.
• Blog Post: Is There A Role for Consent in Privacy? (June 2021). Available here. The issue posed in this blog post is whether consent can be rehabilitated if an independent third party sets the terms and methodology for consumer choice.
• Blog Post: Protect Consumer Privacy: Repeal GLBA's Privacy Provisions (July 2020). Available here. This
post argues that the privacy provisions of Gramm-Leach-Bliley for
financial institutions are so weak that consumers would actually be
better off if Congress repealed the law.
• Blog Post: A Modest Proposal to Advance Privacy Legislation (April 2020). Available here. This
post tries to draw attention to a proposal I made some years ago for
legislation that would establish a legislative framework for the
sharing of deidentified information. The bill could be passed by a state or by the Congress.
• Blog Post: The health record interoperability dilemma (August 2019). Available here.
The HHS interoperability rule that seeks to make it easier for
electronic health record systems to share records creates a dilemma
because it also runs the risk that patients who access their own health
records will lose control of those records to data brokers, marketers,
• Blog Posts: The long and difficult road to a U.S. privacy law, Parts 1, 2, and 3.
In August 2018, I published three blog posts on the procedure, policy,
and prospects for a broad (i.e., EU-style) U.S. privacy law. The posts
appeared in the IAPP (International Association of Privacy
Professionals) Daily. The original three posts are here, here, and here. You get all three in one click here.
In October 2018, I added a post suggesting that an opt-in privacy bill
for the commercial sector might provide a basis for an ultimate
compromise on a broad privacy bill. The opt-in privacy bill post is here. Bonus: All four posts are in one document here.
• Blog Post: The Trump Federal Trade Commission on Privacy:
A Dirty Dozen Guesses/Predictions/Thoughts (March 29, 2017).
• Blog Post: Can Consumers Trust the FTC to Protect Their Privacy? (October 2016). Available at the ACLU website here.
• Analysis: I wrote a short analysis of the Department of Commerce's discussion draft of the Consumer Privacy Bill of Rights (March 2015). My comments are available here.
• Review: ASIAN DATA PRIVACY LAWS Trade & Human Rights Perspectives by Graham Greenleaf, Oxford University Press (2014). Greenleaf's book offers a detailed and highly useful review of privacy laws in Asia. The review is here.
• Blog Post: Decision in Europe: Controversial Revival of Practical Obscurity: Implications of the Google Spain Case (May 20, 2014) (with Pam Dixon), available here (World Privacy Forum).
• Blog Post: Differential Pricing and Privacy: Good, Bad, or Otherwise? (March 11, 2014), available here.
• Blog Post: Who Is The More Active Privacy Enforcer: FTC or OCR? (August 23, 2013), available here
• Blog Post: Overturning the Third-Party Doctrine by Statute: Hard and Harder (April 29, 2013), available here.
• Blog Post: Death and Privacy, Parts I, II,
and III (March 29, 2013, April 1, 2013, and Feb. 5, 2014), on a website about genealogical privacy. The website
disappeared so I put all three posts in a single document and made them
• Blog Post: Nader, Onassis, and Jones: Privacy in Public and Limits on the Private Sector (February 9, 2012), available here (Commons Lab, Woodrow Wilson International Center for Scholars).
• Blog Post: Legislating Privacy After US v Jones: Can Congress Limit Government Use of New Surveillance Technologies? (January 15. 2012), available here (Commons Lab, Woodrow Wilson International Center for Scholars).
• Blog Post: Location Privacy: Is Privacy in Public a Contradiction in Terms? (February 21, 2011), available here (Geodata Policy).
• Review: The Privacy Advocates: Resisting the Spread of Surveillance by Colin J. Bennett MIT Press (2008). Bennett's book includes some case studies of privacy campaigns. An appendix to the review offers my own account of a case study of a 1998 incident involving the National Committee on Vital and Health Statistics that had a significant effect on the development of a patient identifier in the United States and on privacy activities of the Clinton Administration. I was a member of NCVHS at the time and played a role in the events. This particular case study is not covered in Bennett's book, but I include it here just to make the story available to anyone who may be interested. The review and appendix are both available here. Posted 11/4/08.
• Short Reviews: These are reviews of books relevant to privacy and other information policy issues. The selection is necessarily arbitrary. I may add additional reviews here as the mood strikes.
· Litigation Under the Federal Open Government Laws 2010. (Electronic Privacy Information Center, 2010).
· Who Are You? Identification, Deception, and Surveillance in Early Modern Europe. Valentin Groebner (Zone Books, 2007).
· IN CONFIDENCE: When to Protect Secrecy and When to Require Disclosure. Ronald Goldfarb (Yale University Press 2009).
· SEARCHING EYES: Privacy, The State, and Disease Surveillance in America. Amy L. Fairchild, Ronald Bayer, James Colgrove (University of California Press, 2007).
At present, all of these short reviews are in a single document, available here.