[Ad] New Publication Announcement: Data Protection Law Reporter

Data Protection Law Reporter cover[Eric’s introductory note: I’m running this post as a paid ad for a new publication called the Data Protection Law Reporter. This is the first time I’ve run a paid post like this. Why have I made this special accommodation?

First, “data protection” law is exploding. As you may have seen, at Santa Clara Law we’re launching a new certificate in privacy law, and Cardozo Law’s new “Data Law Initiative” addresses a similar topic. These completely independent law school efforts, launched within days of each other this May, highlight the growing importance of data protection law as a business phenomenon and a legal career option. Second, the publication is produced by the same people who publish the Internet Law & Business monthly newsletter, and I’ve been on the (titular) board of editors since 1999. For the past several years, that newsletter has cherry-picked and republished some of our blog posts. I read each newsletter monthly as one of the many sources I peruse to make sure I’ve seen everything. Third, the first issue of the new publication looks promising; it includes a “symposium on Target breach, FTC v. Wyndham and Heartbleed bug” that’s described below.

The publisher is offering the PDF-downloadable symposium issue for $250 to test the market for a monthly publication. You’ll get a chance to sign up for one or both at the publisher’s website. To increase your confidence of getting a good deal, if you’re not happy with the symposium issue, you can simply mark the invoice “unsatisfied” and the symposium PDF you downloaded will be yours gratis.

Here’s the publisher’s introduction to the publication:]


“The general belief that any type of security defense can be 100% effective has come to an end. The new reality is that at least one or more systems within a given environment are most likely already compromised, and the job of IT Security is to minimize damage by discovering and neutralizing intruders after they have infiltrated the environment.”
Philip Lieberman, Lieberman Software Company

“What happens to these [data breach] lawsuits will be important to any company that collects, stores, uses, and disposes of sensitive consumer information, which is almost every company doing business in this modern economy.”
Al Saikali, Partner, Shook Hardy and Bacon


To: Privacy and Cybersecurity Practitioners

Re: Symposium on the Target Breach, FTC v. Wyndham and the Heartbleed Bug

From: Neil Cohen, Publisher

Dear Practitioner,

Since mass data breaches are the new normal and the FTC, SEC, Attorney Generals, class action lawyers and credit card companies are poised to pounce, we expect data breaches and privacy to be the new centerpieces of federal and state regulation and litigation. To help you understand developments and fit them together we have created the Data Protection Law Reporter. The Editor-in-Chief of this publication is Northwestern Professor of Law David Dana, who will select the most important regulations, pleadings and decisions, summarize them, and, analyze where the law stands and where it is headed. No other reporting service regularly compares and contrasts the decisions interpreting the law.

The premiere issue features a Symposium on the Target breach, FTC v. Wyndham, and the Heartbleed bug. The expert participants reveal the interconnections between these events. For example,

• Security expert James Huguelet explains how the Target breach could have been prevented by “application level end-to-end encryption”, criticizes the credit card industry for not requiring merchants to adopt it, and explains why the Heartbleed bug complicates plaintiff’s’ proof of the proximate cause of data breaches.

• Jay Westermeier of Finnegan Henderson analyzes the data breach consent decrees entered into by the FTC to indicate how the agency is likely to exercise its authority under FTC v. Wyndham.

• Various commentators explain the pervasive effects of the Heartbleed bug and whether there are regulatory or common law obligations for every company to detect and remedy it on their networks.

• Professor David Dana provides an overview of twelve recent decisions, all summarized in the edition.

• Diane Kaplan’s article summarizes the important briefs in LabMd v. FTC arguing whether a company can challenge an FTC enforcement action in court before the agency’s administrative procedures are exhausted. The forthcoming decision will set a precedent for new FTC enforcement actions.

• The publisher provides an overview of the Symposium and discusses why the Federal Trade Commission should consider rules requiring patches of Heartbleed bug and adoption of application-level end-to-encryption to thwart identity thieves.

To buy the premiere issue, simply fill out the form at www.dataprotectionlawreporter.com. Upon receipt of your order we will email you the report in PDF, bill you $250, and send you information on how to subscribe to future issues. If for any reason you are dissatisfied with the first issue simply mark our invoice “unsatisfied” and return it to us.