Author |
Solove, Daniel J., 1972- author.
|
Title |
Breached! : why data security law fails and how to improve it / by Daniel J. Solove & Woodrow Hartzog. |
OCLC |
1275432826 |
ISBN |
9780190940553 (hardback) |
|
0190940557 (hardback) |
|
(electronic book) |
Publisher |
New York, NY : Oxford University Press, [2022] |
|
©2022. |
Description |
243 pages : illustrations ; 25 cm |
LC Subject heading/s |
Data protection -- Law and legislation -- United States.
|
|
Computer security -- Law and legislation -- United States.
|
|
Computer networks -- Security measures -- United States.
|
Other Subject heading/s |
Computer networks -- Security measures.
(OCoLC)fst00872341
|
|
Computer security -- Law and legislation. (OCoLC)fst00872492
|
|
Data protection -- Law and legislation. (OCoLC)fst00887963
|
|
United States. (OCoLC)fst01204155
|
Bibliography |
Includes bibliographical references and index. |
Contents |
Chronicle of a breach foretold -- The data breach epidemic -- The failure of data security law -- The big picture : system and structure -- Responsibility across the whole data ecosystem -- Reducing harm from data breaches -- Unifying privacy and data security -- Designing security for humans, the weakest link -- The holistic approach. |
Summary |
"Drawing insights from many stories about data breaches, Solove and Hartzog show how major breaches could have been prevented or mitigated through a different approach to data security rules. Current law is counterproductive. It pummels organizations that have suffered a breach but doesn't address the many other actors that contribute to the problem: software companies that create vulnerable software, device companies that make insecure devices, government policymakers who write regulations that increase security risks, organizations that train people to engage in risky behaviors, and more. Although humans are the weakest link for data security, policies and technologies are often designed with a poor understanding of human behavior. This book corrects this course by focusing on the human side of security. Incorporating public health theory and an understanding of risk, the authors set out a vision for data security law, one that holds all actors accountable, understands security broadly and in relationship to privacy, looks to prevention and mitigation rather than reaction, and works by accepting human limitations rather than being in denial of them"-- Provided by the publisher. |
|