It seems like not a day passes without news of a significant data privacy breach. In 2019, Facebook experienced a data breach affecting 540 million users; it was not their only breach for the year. Facebook is not alone: Adobe, Capital One, Microsoft, and Quest Diagnostics all had data security breaches exposing the personal information of millions of people. These are not small companies with minimal technology staff, rather these are some of the biggest names in technology, finance, and healthcare. Even getting coffee and gas can be a problem — Wawa had a breach that lasted from March to December, 2019 and exposed over 30 million credit and debit card payments! American consumers are concerned.
According to the Pew Research Center more than 80% of adults in the United States feel they have “very little/no control” over the data being collected by companies, and more than 50% say they are “very/somewhat” concerned about how that data is used. Yet despite the widespread problems and growing concerns, there is no single law dealing with data security and privacy issues in the United States. As technology changes at lightning speed, legislators are struggling to keep up with unforeseen changes dealing with data security.
What laws exist today?
At the federal level, there are a number of laws covering specific types of privacy protections. For example, the HIPPA Governs Medical Data, the Financial Modernization Act, the Driver’s Privacy Protection Act, and the Children’s Online Privacy Protection Act also address privacy concerns. The Fair Credit Reporting Act deals with the reporting of data breaches, but not data security and privacy issues.
New Jersey has no comprehensive data privacy laws. New Jersey Statute (N.J.S.A.) 2C:14-9 entitled “Invasion of Privacy” does not address data privacy and security. N.J.S.A. 56:8-163 mandates reporting of data breaches, and N.J.S.A. 56:8-164 focuses on security relating to social security numbers. The New Jersey Legislature is working to keep up with the rapidly changing security environment of the digital world by introducing new bills during each legislative year.
With the exception of California, whose sweeping data privacy legislation became effective on January 2, 2020, most other states are like New Jersey with a mix of older privacy laws, newer laws relating to reporting of breaches, and many pending bills. Illinois has a sweeping privacy law relating to biometric information privacy. Texas, New York, Washington, and Arkansas also have legislation that deals with biometric privacy, but they are much narrower in scope. The creation of new types of technology–facial recognition, biometrics, and blockchain technology–all of which are used to collect and store personal information that were unheard of just a few years ago–present additional challenges to legislation.
How can a consumer stay informed?
The New Jersey State Library can help. We have a number of resources on legal information and technology to help keep you up-to-date and informed. Our print collection has titles that cover the laws, regulations, and issues surrounding digital privacy. For example,
Right to be forgotten: a legal research guide, by Carol A. Fichtelman (K 3264 C65 F53 2018)
Fair Credit Reporting by Chi Chi Wu and Elizabeth De Armond (KF 1040 R63 2017)
Privacy Rights in the Digital Age (R342.73 P9615)
These are topic specific titles. HIPPA: Ignorance is not bliss, what you don’t know can hurt you and your client! by the New Jersey Institute of Continuing Legal Education deals with medical information privacy. Privacy and Confidentiality issues: A guide for libraries and their lawyers discusses privacy in a library setting. Other subjects covered include Biometric Identification, Electronic Discovery, Bitcoin, and New Jersey specific documents such as the Statewide Data Privacy Audit Report. To find these and additional titles, search the catalog using the terms “digital privacy,” privacy, “data protection,” bitcoin and cryptocurrency.
Try our e-books and digital periodicals
Our electronic research databases and digital periodicals contain the most up-to-date information available. Titles such as Surveillance, privacy, and public space; Cybersecurity and privacy law in a nutshell; Blockchain and the Law: the rule of code; and Fintech law in a nutshell discuss data security and privacy in the context of the law, specific technologies or industries, or from a public policy perspective. A number of legal periodicals and law reviews are available electronically with articles talking about the legal and ethical implications of technology and privacy. Publications include the Harvard Law Review, Columbia Law Review, Business Lawyer, Harvard Journal of Law & Technology, Journal of Law, Medicine and Ethics, the ABA Journal, and many more. To find these items use our Discovery Service search tool.
From our homepage find the Catalog Searches and Tools box located at the bottom left of the page. Make sure the “Start Your Research” tab has been selected and type your search terms in the box. This will search our catalog and across our electronic research databases.
Kick off your research using search terms such as “digital security,” “data privacy,” “information discovery,” “privacy rights,” HIPPA, “privacy law,” e-discovery, “digital privacy,” cybersecurity, “online security,” “online privacy,” and “cybersecurity regulation.” Use advance search functions to refine your searches to limit it to the dates, authors, sources, or subjects you are most interested in learning.
When in doubt, give us a call or send an email:
Librarians are always here to help you with your research. The topic of digital security and privacy is relatively new and constantly changing. The laws regulating data privacy will continue to develop and change over time. If you have questions or need assistance with finding articles on data security and the law, give us a call at (609) 278-2640, ext. 102 or send us an email at firstname.lastname@example.org.