In the United States, identity theft resulted in corporate and consumer losses of $56 billion dollars in 2005, with up to 35 percent of known identity thefts caused by corporate data breaches. Many states have responded by adopting “data breach disclosure laws” that require firms to notify...

Legitimate as well as illegitimate organizations and entities are gaining access to information about social media (SM) users through illegal, extralegal, and quasi-legal means. Worse still, many organizations and individuals using SM have become targets and victims of cybercrimes. SM have also...

Privacy and security tools can help users protect themselves online. Unfortunately, people are often unaware of such tools, and have potentially harmful misconceptions about the protections provided by the tools they know about. Effectively encouraging the adoption of privacy tools requires...

Blockchains and the GDPR pursue similar objectives where they seek to grant users greater control over their personal data. While the latter pursues this goal by imposing duties of care to centralised controllers and collectors of data, blockchains go a step beyond by trying to eliminate these...

Economics offer different but complementary approaches to understanding privacy and security. For this inaugural contribution to the new In Our Orbit department, I was asked to explain briefly their methodological differences and similarities, and why they matter in our thinking about security...