FPF’s John Verdi on Privacy Papers for Policymakers


In recognition of the Future of Privacy Forum’s 10th anniversary, FPF policy experts are sharing their thoughts on FPF’s work over the past decade, the current privacy landscape, and their vision of the future of privacy. This week, FPF Vice President for Policy John Verdi discusses the Privacy Papers for Policymakers project, which began in 2010. To read previous installments in this series, click here.

What do you expect the next 10 years of privacy to look like? Share your thoughts by clicking here.

Q&A: John Verdi on Privacy Papers for Policymakers

John VerdiFPF’s Privacy Papers for Policymakers program brings expertise from academic, tech and policy circles to Members of Congress, leaders from executive agencies, and their staffs to better inform policy approaches to thorny data protection issues. The event highlights the year’s most influential, practical academic work and connects academics with thought leaders from government, industry, and the advocacy community. Awarded articles are chosen both for their scholarly value and because they offer policymakers concrete solutions and practical insights into real-world challenges. Winners are selected by a diverse team of academics, advocates, and industry privacy professionals from FPF’s Advisory Board. Honorary Co-Hosts Senator Edward J. Markey and Congresswoman Diana DeGette will host FPF and this year’s winning authors as they present their work in the Russell Senate Office Building at 5:30pm on February 06, 2019. The event is free, open to the general public, and widely attended. A reception will follow. To RSVP, please visit privacypapersforpolicymakers.eventbrite.com.

How have the award-winning privacy papers changed over the last nine years?

The first award winners tended to deal with what we now consider broad topics in corporate privacy practices – the role of Chief Privacy Officers and federal law enforcers, how to value privacy, regulatory innovation, and so on. While those issues are still quite pertinent, recent award winners have been likely to examine more precise aspects of privacy, specific technical advances, or policies at the local, national, or international levels. A few examples from this year’s winners:

  • Danielle Keats Citron (Morton & Sophia Macht Professor of Law, University of Maryland Carey School of Law) considered several aspects of Sexual Privacy, a distinct privacy interest that warrants recognition and protection. The paper recommends an approach to sexual privacy based on both on new legal protections and market forces.
  • Slave to the Algorithm? Why a ‘Right to an Explanation’ is Probably not the Remedy you are Looking for by Lilian Edwards (Professor of Law, Innovation and Society, Newcastle Law School) and Michael Veale (Researcher, Department of Science, Technology, Engineering & Public Policy at University College London) covers a hot topic in emerging tech. Their research indicates that the “right to an explanation” for machine learning decisions created by the EU General Data Protection Regulation may be counterproductive, but that other approaches can be used to make algorithms more responsible, explicable, and human centered.
  • Ira Rubinstein (Senior Fellow, Information Law Institute of the New York University School of Law) wrote about Privacy Localism, based on the recent trend of local laws to control government surveillance and use of personal data. The paper zeroes in on laws in New York and Seattle, finding that those cities have filled significant gaps in federal and state privacy laws.

What’s been consistent from the beginning?

For nine years, the research and analysis into consumer beliefs, corporate practices, technological solutions and legal theory compiled in FPF’s Privacy Papers for Policymakers has informed the policy debate in Congress, in the states, and around the world. They are a valuable tool for legislators and staff considering the structure and elements of a national privacy framework.

Many of the papers have dealt with calls for an effective national privacy law in the US. In fact, here is the first line of the first Privacy Paper for Policymakers recognized in 2010 by the Future of Privacy Forum. “Privacy on the Books and on the Ground,” by Kenneth Bamberger and Deirdre Mulligan:

U.S. privacy law is under attack. Scholars and advocates criticize it as weak, incomplete and confusing, and argue that it fails to empower individuals to control the use of their personal information…”

They continued, “as Congress and the Obama Administration consider privacy reform, they encounter a drumbeat of arguments favoring the elimination of legal ambiguity by adoption of omnibus privacy statutes, the EU’s approach.” If you substitute “Trump” for “Obama” you could write the same words today; you would also find experts making many of the same arguments against imposing the top-down, prescriptive aspects of the EU’s approach in the US.

What are some of the research techniques authors use?

We’ve honored papers from academics, practitioners, technologists and lawyers, which means we’ve seen a wide range of approaches to research and analysis.

Some survey the privacy landscape and make recommendations based on the real-world practices they discover. For Shattering One-Way Mirrors. Data Subject Access Rights in Practice, Jef Ausloos (Postdoctoral Researcher, University of Amsterdam’s Institute for Information Law) and Pierre Dewitte (Researcher, KU Leuven Centre for IT & IP Law) contacted sixty information service providers and requested access to data. They concluded that data access rights in the EU are largely underused and not properly accommodated. Their research not only uncovered what they called an “often-flagrant lack of awareness, organization, motivation, and harmonization,” but also identified concrete suggestions aimed at data controllers, such as relatively easy fixes in privacy policies and access rights templates.

For Designing Without Privacy, Ari Ezra Waldman (Professor of Law and Founding Director, Innovation Center for Law and Technology at New York Law School) conducted an ethnographic study of how, if at all, people designing technology products think about privacy, integrate privacy into their work, and consider user needs in the design process. His paper references and expands upon the work of Kenneth Bamberger and Deirdre Mulligan – work that FPF recognized as one of our first award winners in 2010. Professor Waldman looks at how CPOs’ robust privacy norms can best be diffused throughout tech companies and the industry as a whole.

What’s next for Privacy Papers for Policymakers?

The Privacy Papers for Policymakers program will continue to highlight top scholarship, promote pragmatic solutions to privacy challenges, and generate thoughtful dialogue in Washington DC. We look forward to promoting constructive approaches to data protection around legislative drafting tables and in corporate boardrooms.

Most immediately, we are looking forward to a fantastic event honoring his year’s winning authors. On February 6, 2019, FPF and Honorary Co-Hosts Senator Edward J. Markey and Congresswoman Diana DeGette will host FPF and this year’s winning authors as they present their work in the Russell Senate Office Building at 5:30pm on February 06, 2019. The event is free, open to the general public, and widely attended. To RSVP, please visit privacypapersforpolicymakers.eventbrite.com.