Future of Privacy Forum Launches the FPF Center for Artificial Intelligence

The FPF Center for Artificial Intelligence will serve as a catalyst for AI policy and compliance leadership globally, advancing responsible data and AI practices for public and private stakeholders

Today, the Future of Privacy Forum (FPF) launched the FPF Center for Artificial Intelligence, established to better serve policymakers, companies, non-profit organizations, civil society, and academics as they navigate the challenges of AI policy and governance. The Center will expand FPF’s long-standing AI work, introduce large-scale novel research projects, and serve as a source for trusted, nuanced, nonpartisan, and practical expertise. 

FPF’s Center work will be international as AI continues to deploy globally and rapidly. Cities, states, countries, and international bodies are already grappling with implementing laws and policies to manage the risks.“Data, privacy, and AI are intrinsically interconnected issues that we have been working on at FPF for more than 15 years, and we remain dedicated to collaborating across the public and private sectors to promote their ethical, responsible, and human-centered use,” said Jules Polonetsky, FPF’s Chief Executive Officer. “But we have reached a tipping point in the development of the technology that will affect future generations for decades to come. At FPF, the word Forum is a core part of our identity. We are a trusted convener positioned to build bridges between stakeholders globally, and we will continue to do so under the new Center for AI, which will sit within FPF.”

The Center will help the organization’s 220+ members navigate AI through the development of best practices, research, legislative tracking, thought leadership, and public-facing resources. It will be a trusted evidence-based source of information for policymakers, and it will collaborate with academia and civil society to amplify relevant research and resources. 

“Although AI is not new, we have reached an unprecedented moment in the development of the technology that marks a true inflection point. The complexity, speed and scale of data processing that we are seeing in AI systems can be used to improve people’s lives and spur a potential leapfrogging of societal development, but with that increased capability comes associated risks to individuals and to institutions,” said Anne J. Flanagan, Vice President for Artificial Intelligence at FPF. “The FPF Center for AI will act as a collaborative force for shared knowledge between stakeholders to support the responsible development of AI, including its fair, safe, and equitable use.”

The Center will officially launch at FPF’s inaugural summit DC Privacy Forum: AI Forward. The in-person and public-facing summit will feature high-profile representatives from the public and private sectors in the world of privacy, data and AI. 

FPF’s new Center for Artificial Intelligence will be supported by a Leadership Council of leading experts from around the globe. The Council will consist of members from industry, academia, civil society, and current and former policymakers. 

See the full list of founding FPF Center for AI Leadership Council members here.

I am excited about the launch of the Future of Privacy Forum’s new Center for Artificial Intelligence and honored to be part of its leadership council. This announcement builds on many years of partnership and collaboration between Workday and FPF to develop privacy best practices and advance responsible AI, which has already generated meaningful outcomes, including last year’s launch of best practices to foster trust in this technology in the workplace.  I look forward to working alongside fellow members of the Council to support the Center’s mission to build trust in AI and am hopeful that together we can map a path forward to fully harness the power of this technology to unlock human potential.

Barbara Cosgrove, Vice President, Chief Privacy Officer, Workday

I’m honored to be a founding member of the Leadership Council of the Future of Privacy Forum’s new Center for Artificial Intelligence. AI’s impact transcends borders, and I’m excited to collaborate with a diverse group of experts around the world to inform companies, civil society, policymakers, and academics as they navigate the challenges and opportunities of AI governance, policy, and existing data protection regulations.

Dr. Gianclaudio Malgieri, Associate Professor of Law & Technology at eLaw, University of Leiden

“As we enter this era of AI, we must require the right balance between allowing innovation to flourish and keeping enterprises accountable for the technologies they create and put on the market. IBM believes it will be crucial that organizations such as the Future of Privacy Forum help advance responsible data and AI policies, and we are proud to join others in industry and academia as part of the Leadership Council.”

• Christina Montgomery, Chief Privacy & Trust Officer, AI Ethics Board Chair, IBM

Learn more about the FPF Center for AI here.

About Future of Privacy Forum (FPF)

The Future of Privacy Forum (FPF) is a global non-profit organization that brings together academics, civil society, government officials, and industry to evaluate the societal, policy, and legal implications of data use, identify the risks, and develop appropriate protections. 

FPF believes technology and data can benefit society and improve lives if the right laws, policies, and rules are in place. FPF has offices in Washington D.C., Brussels, Singapore, and Tel Aviv. Learn more at fpf.org.

FPF Develops Checklist & Guide to Help Schools Vet AI Tools for Legal Compliance

FPF’s Youth and Education team has developed a checklist and accompanying policy brief to help schools vet generative AI tools for compliance with student privacy laws. Vetting Generative AI Tools for Use in Schools is a crucial resource as the use of generative AI tools continues to increase in educational settings. It’s critical for school leaders to understand how existing federal and state student privacy laws, such as the Family Educational Rights and Privacy Act (FERPA) apply to the complexities of machine learning systems to protect student privacy. With these resources, FPF aims to provide much-needed clarity and guidance to educational institutions grappling with these issues.

Click here to access the checklist and policy brief.

“AI technology holds immense promise in enhancing educational experiences for students, but it must be implemented responsibly and ethically,” said David Sallay, the Director for Youth & Education Privacy at the Future of Privacy Forum. “With our new checklist, we aim to empower educators and administrators with the knowledge and tools necessary to make informed decisions when selecting generative AI tools for classroom use while safeguarding student privacy.”

The checklist, designed specifically for K -12 schools, outlines key considerations when incorporating generative AI into a school or district’s edtech vetting checklist. 

These include: 

• assessing the requirements for vetting all edtech;
• describing the specific use cases;
• preparing to address transparency and explainability; and 
• determining if student PII will be used to train the large language model (LLM). 
  

By prioritizing these steps, educational institutions can promote transparency and protect student privacy while maximizing the benefits of technology-driven learning experiences for students. 

The in-depth policy brief outlines the relevant laws and policies a school should consider, the unique compliance considerations of generative AI tools (including data collection, transparency and explainability, product improvement, and high-risk decision-making), and their most likely use cases (student, teacher, and institution-focused).

The brief also encourages schools and districts to update their existing edtech vetting policies to address the unique considerations of AI technologies (or to create a comprehensive policy if one does not already exist) instead of creating a separate vetting process for AI. It also highlights the role that state legislatures can play in ensuring the efficiency of school edtech vetting and oversight and calls on vendors to be proactively transparent with schools about their use of AI.

Check out the LinkedIn Live with CEO Jules Polonetsky and Youth & Education Director David Sallay about the Checklist and Policy Brief.

To read more of the Future of Privacy Forum’s youth and student privacy resources, visit www.StudentPrivacyCompass.org. 

FPF Releases “The Playbook: Data Sharing for Research” Report and Infographic

Today, the Future of Privacy Forum (FPF) published “The Playbook: Data Sharing for Research,” a report on best practices for instituting research data-sharing programs between corporations and research institutions. FPF also developed a summary of recommendations from the full report.

Facilitating data sharing for research purposes between corporate data holders and academia can unlock new scientific insights and drive progress in public health, education, social science, and a myriad of other fields for the betterment of the broader society. Academic researchers use this data to consider consumer, commercial, and scientific questions at a scale they cannot reach using conventional research data-gathering techniques alone. This data also helped researchers answer questions on topics ranging from bias in targeted advertising and the influence of misinformation on election outcomes to early diagnosis of diseases through data collected by fitness and health apps.

The playbook addresses vital steps for data management, sharing, and program execution between companies and researchers. Creating a data-sharing ecosystem that positively advances scientific research requires a better understanding of the established risks, opportunities to address challenges, and the diverse stakeholders involved in data-sharing decisions. This report aims to encourage safe, responsible data-sharing between industries and researchers.

“Corporate data sharing connects companies with research institutions, by extension increasing the quantity and quality of research for social good,” said Shea Swauger, Senior Researcher for Data Sharing and Ethics. “This Playbook showcases the importance, and advantages, of having appropriate protocols in place to create safe and simple data sharing processes.”

In addition to the Playbook, FPF created a companion infographic summarizing the benefits, challenges, and opportunities of data sharing for research outlined in the larger report.

As a longtime advocate for facilitating the privacy-protective sharing of data by industry to the research community, FPF is proud to have created this set of best practices for researchers, institutions, policymakers, and data-holding companies. In addition to the Playbook, the Future of Privacy Forum has also opened nominations for its annual Award for Research Data Stewardship.

“Our goal with these initiatives is to celebrate the successful research partnerships transforming how corporations and researchers interact with each other,” Swauger said. “Hopefully, we can continue to engage more audiences and encourage others to model their own programs with solid privacy safeguards.”

Shea Swauger, Senior Researcher for Data Sharing and Ethics, Future of privacy Forum

Established by FPF in 2020 with support from The Alfred P. Sloan Foundation, the Award for Research Data Stewardship recognizes excellence in the privacy-protective stewardship of corporate data shared with academic researchers. The call for nominations is open and closes on Tuesday, January 17, 2023. To submit a nomination, visit the FPF site.

FPF has also launched a newly formed Ethics and Data in Research Working Group; this group receives late-breaking analyses of emerging US legislation affecting research and data, meets to discuss the ethical and technological challenges of conducting research, and collaborates to create best practices to protect privacy, decrease risk, and increase data sharing for research, partnerships, and infrastructure. Learn more and join here. 

FPF Testifies Before House Subcommittee on Energy and Commerce, Supporting Congress’s Efforts on the “American Data Privacy and Protection Act” 

This week, FPF’s Senior Policy Counsel Bertram Lee testified before the U.S. House Energy and Commerce Subcommittee on Consumer Protection and Commerce hearing, “Protecting America’s Consumers: Bipartisan Legislation to Strengthen Data Privacy and Security” regarding the bipartisan, bicameral privacy discussion draft bill, “American Data Privacy and Protection Act” (ADPPA). FPF has a history of supporting the passage of a comprehensive federal consumer privacy law, which would provide businesses and consumers alike with the benefit of clear national standards and protections.

Lee’s testimony opened by applauding the Committee on its efforts towards comprehensive federal privacy legislation and emphasized the “time is now” for its passage. As it is written, the ADPPA would address gaps in the sectoral approach to consumer privacy, establish strong national civil rights protections, and establish new rights and safeguards for the protection of sensitive personal information. 

“The ADPPA is more comprehensive in scope, inclusive of civil rights protections, and provides individuals with more varied enforcement mechanisms in comparison to some states’ current privacy regimes,” Lee said in his testimony. “It also includes corporate accountability mechanisms, such as the requiring privacy designations, data security offices, and executive certifications showing compliance, which is missing from current states’ laws. Notably, the ADPPA also requires ‘short-form’ privacy notices to aid consumers of how their data will be used by companies and their rights — a provision that is not found in any state law.” 

Lee’s testimony also provided four recommendations to strengthen the bill, which include: 

• Additional funding and resources for the FTC; 
• Developing a more iterative process to ensure that the bill can keep up with evolving technologies; 
• Clarifying the intersection of ADPPA with other federal privacy laws (COPPA, FERPA, HIPAA, etc.); and 
• Establishing clear definitions and distinctions between different types of covered entities, including service providers.

Many of the recommendations would ensure that the legislation gives individuals meaningful privacy rights and places clear obligations on businesses and other organizations that collect, use and share personal data. The legislation would expand civil rights protections for individuals and communities harmed by algorithmic discrimination as well as require algorithmic assessments and evaluations to better understand how these technologies can impact communities. 

The submitted testimony and a video of the hearing can be found on the House Committee on Energy & Commerce site.

Reading the Signs: the Political Agreement on the New Transatlantic Data Privacy Framework

The President of the United States, Joe Biden, and the President of the European Commission, Ursula von der Leyen, announced last Friday, in Brussels, a political agreement on a new Transatlantic framework to replace the Privacy Shield. 

This is a significant escalation of the topic within Transatlantic affairs, compared to the 2016 announcement of a new deal to replace the Safe Harbor framework. Back then, it was Commission Vice-President Andrus Ansip and Commissioner Vera Jourova who announced at the beginning of February 2016 that a deal had been reached. 

The draft adequacy decision was only published a month after the announcement, and the adequacy decision was adopted 6 months later, in July 2016. Therefore, it should not be at all surprising if another 6 months (or more!) pass before the adequacy decision for the new Framework will produce legal effects and actually be able to support transfers from the EU to the US. Especially since the US side still has to pass at least one Executive Order to provide for the agreed-upon new safeguards.

This means that transfers of personal data from the EU to the US may still be blocked in the following months – possibly without a lawful alternative to continue them – as a consequence of Data Protection Authorities (DPAs) enforcing Chapter V of the General Data Protection Regulation in the light of the Schrems II judgment of the Court of Justice of the EU, either as part of the 101 noyb complaints submitted in August 2020 and slowly starting to be solved, or as part of other individual complaints/court cases. 

• If you are curious about what the legal process will look like both on the US and EU sides after the agreement “in principle”, check out this blog post by Laila Abdelaziz of the “Privacy across borders project” at American University. 

After the agreement “in principle” was announced at the highest possible political level, EU Justice Commissioner Didier Reynders doubled down on the point that this agreement is reached “on the principles” for a new framework, rather than on the details of it. Later on he also gave credit to Commerce Secretary Gina Raimondo and US Attorney General Merrick Garland for their hands-on involvement in working towards this agreement. 

In fact, “in principle” became the leitmotif of the announcement, as the first EU Data Protection Authority to react to the announcement was the European Data Protection Supervisor, who wrote that he “Welcomes, in principle”, the announcement of a new EU-US transfers deal – “The details of the new agreement remain to be seen. However, EDPS stresses that a new framework for transatlantic data flows must be sustainable in light of requirements identified by the Court of Justice of the EU”.

Of note, there is no catchy name for the new transfers agreement, which was referred to as the “Trans-Atlantic Data Privacy Framework”. Nonetheless, FPF’s CEO Jules Polonetsky submits the “TA DA!” Agreement, and he has my vote. For his full statement on the political agreement being reached, see our release here.

Some details of the “principles” agreed on were published hours after the announcement, both by the White House and by the European Commission. Below are a couple of things that caught my attention from the two brief Factsheets.

The US has committed to “implement new safeguards” to ensure that SIGINT activities are “necessary and proportionate” (an EU law legal measure – see Article 52 of the EU Charter on how the exercise of fundamental rights can be limited) in the pursuit of defined national security objectives. Therefore, the new agreement is expected to address the lack of safeguards for government access to personal data as specifically outlined by the CJEU in the Schrems II judgment.

The US also committed to creating a “new mechanism for the EU individuals to seek redress if they believe they are unlawfully targeted by signals intelligence activities”. This new mechanism was characterized by the White House as having “independent and binding authority”. Per the White House, this redress mechanism includes “a new multi-layer redress mechanism that includes an independent Data Protection Review Court that would consist of individuals chosen from outside the US Government who would have full authority to adjudicate claims and direct remedial measures as needed”. The EU Commission mentioned in its own Factsheet that this would be a “two-tier redress system”. 

Importantly, the White House mentioned in the Factsheet that oversight of intelligence activities will also be boosted – “intelligence agencies will adopt procedures to ensure effective oversight of new privacy and civil liberties standards”. Oversight and redress are different issues and are both equally important – for details, see this piece by Christopher Docksey. However, they tend to be thought of as being one and the same. Being addressed separately in this announcement is significant.

One of the remarkable things about the White House announcement is that it includes several EU law-specific concepts: “necessary and proportionate”, “privacy, data protection” mentioned separately, “legal basis” for data flows. In another nod to the European approach to data protection, the entire issue of ensuring safeguards for data flows is framed as more than a trade or commerce issue – with references to a “shared commitment to privacy, data protection, the rule of law, and our collective security as well as our mutual recognition of the importance of trans-Atlantic data flows to our respective citizens, economies, and societies”.

Last, but not least, Europeans have always framed their concerns related to surveillance and data protection as being fundamental rights concerns. The US also gives a nod to this approach, by referring a couple of times to “privacy and civil liberties” safeguards (adding thus the “civil liberties” dimension) that will be “strengthened”. All of these are positive signs for a “rapprochement” of the two legal systems and are certainly an improvement to the “commerce” focused approach of the past on the US side. 

Lastly, it should also be noted that the new framework will continue to be a self-certification scheme managed by the US Department of Commerce.  

What does all of this mean in practice? As the White House details, this means that the Biden Administration will have to adopt (at least) an Executive Order (EO) that includes all these commitments and on the basis of which the European Commission will draft an adequacy decision.

Thus, there are great expectations in sight following the White House and European Commission Factsheets, and the entire privacy and data protection community is waiting to see further details.

In the meantime, I’ll leave you with an observation made by my colleague, Amie Stepanovich, VP for US Policy at FPF, who highlighted that Section 702 of the FISA Act is set to expire on December 31, 2023. This presents Congress with an opportunity to act, building on such an extensive amount of work done by the US Government in the context of the Transatlantic Data Transfers debate.

Privacy Best Practices for Rideshare Drivers Using Dashcams

FPF & Uber Publish Guide Highlighting Privacy Best Practices for Drivers who Record Video and Audio on Rideshare Journeys

FPF and Uber have created a guide for US-based rideshare drivers who install “dashcams” – video cameras mounted on a vehicle’s dashboard or windshield. Many drivers install dashcams to improve safety, security, and accountability; the cameras can capture crashes or other safety-related incidents outside and inside cars. Dashcam footage can be helpful to drivers, passengers, insurance companies, and others when adjudicating legal claims. At the same time, dashcams can pose substantial privacy risks if appropriate safeguards are not in place to limit the collection, use, and disclosure of personal data. 

Dashcams typically record video outside a vehicle. Many dashcams also record in-vehicle audio and some record in-vehicle video. Regardless of the particular device used, ride-hail drivers who use dashcams must comply with applicable audio and video recording laws.

The guide explains relevant laws and provides practical tips to help drivers be transparent, limit data use and sharing, retain video and audio-only for practical purposes, and use strict security controls. The guide highlights ways that drivers can employ physical signs, in-app notices, and other means to ensure passengers are informed about dashcam use and can make meaningful choices about whether to travel in a dashcam-equipped vehicle. Drivers seeking advice concerning specific legal obligations or incidents should consult legal counsel.

Privacy best practices for dashcams include: 

1. Give individuals notice that they are being recorded
   • Place recording notices inside and on the vehicle.
   • Mount the dashcam in a visible location.
   • Consider, in some situations, giving an oral notification that recording is taking place.
   • Determine whether the ride sharing service provides recording notifications in the app, and utilize those in-app notices.
     
2. Only record audio and video for defined, reasonable purposes
   • Only keep recordings for as long as needed for the original purpose.
   • Inform passengers as to why video and/or audio is being recorded.
     
3. Limit sharing and use of recorded footage
   • Only share video and audio with third parties for relevant reasons that align with the original reason for recording.
   • Thoroughly review the rideshare service’s privacy policy and community guidelines if using an app-based rideshare service, and be aware that many rideshare companies maintain policies against widely disseminating recordings.
     
4. Safeguard and encrypt recordings and delete unused footage
   • Identify dashcam vendors that provide the highest privacy and security safeguards.
   • Carefully read the terms and conditions when buying dashcams to understand the data flows.

Uber will be making these best practices available to drivers in their app and website. 

Many ride-hail drivers use dashcams in their cars, and the guidance and best practices published today provide practical guidance to help drivers implement privacy protections. But driver guidance is only one aspect of ensuring individuals’ privacy and security when traveling. Dashcam manufacturers must implement privacy-protective practices by default and provide easy-to-use privacy options. At the same time, ride-hail platforms must provide drivers with the appropriate tools to notify riders, and carmakers must safeguard drivers’ and passengers’ data collected by OEM devices.

In addition, dashcams are only one example of increasingly sophisticated sensors appearing in passenger vehicles as part of driver monitoring systems and related technologies. Further work is needed to apply comprehensive privacy safeguards to emerging technologies across the connected vehicle sector, from carmakers and rideshare services to mobility services providers and platforms. Comprehensive federal privacy legislation would be a good start. And in the absence of Congressional action, FPF is doing further work to identify key privacy risks and mitigation strategies for the broader class of driver monitoring systems that raise questions about technologies beyond the scope of this dashcam guide.

12th Annual Privacy Papers for Policymakers Awardees Explore the Nature of Privacy Rights & Harms

The winners of the 12^th annual Future of Privacy (FPF) Privacy Papers for Policymakers Award ask big questions about what should be the foundational elements of data privacy and protection and who will make key decisions about the application of privacy rights. Their scholarship will inform policy discussions around the world about privacy harms, corporate responsibilities, oversight of algorithms, and biometric data, among other topics.

“Policymakers and regulators in many countries are working to advance data protection laws, often seeking in particular to combat discrimination and unfairness,” said FPF CEO Jules Polonetsky. “FPF is proud to highlight independent researchers tackling big questions about how individuals and society relate to technology and data.”

This year’s papers also explore smartphone platforms as privacy regulators, the concept of data loyalty, and global privacy regulation. The award recognizes leading privacy scholarship that is relevant to policymakers in the U.S. Congress, at U.S. federal agencies, and among international data protection authorities. The winning papers will be presented at a virtual event on February 10, 2022. 

The winners of the 2022 Privacy Papers for Policymakers Award are:

• Privacy Harms, by Danielle Keats Citron, University of Virginia School of Law; and Daniel J. Solove, George Washington University Law School
  • This paper looks at how courts define harm in cases involving privacy violations and how the requirement of proof of harm impedes the enforcement of privacy law due to the dispersed and minor effects that most privacy violations have on individuals. However, when these minor effects are suffered at a vast scale, individuals, groups, and society can feel significant harm. This paper offers language for courts to refer to when litigating privacy cases and provides advice as to when privacy harm should be considered in a lawsuit.

• The Flaws of Policies Requiring Human Oversight of Government Algorithms, by Ben Green, University of Michigan at Ann Arbor, Gerald Ford School of Public Policy, Harvard University, Berkman Klein Center for Internet & Society
  • In this paper, Green analyzes the use of human oversight of government algorithmic decisions. From this analysis, he concludes that humans are unable to perform the desired oversight responsibilities, and that by continuing to use human oversight as a check on these algorithms, the government legitimizes the use of these faulty algorithms without addressing the associated issues. The paper offers a more stringent approach to determining whether an algorithm should be incorporated into a certain government decision, which includes critically considering the need for the algorithm and evaluating whether people are capable of effectively overseeing the algorithm.

• The Surprising Virtues of Data Loyalty, by Woodrow Hartzog, Northeastern University School of Law and Khoury College of Computer Sciences, Stanford Law School Center for Internet and Society; and Neil M. Richards, Washington University School of Law, Yale Information Society Project, Stanford Center for Internet and Society
  • The data loyalty responsibilities for companies that process human information are now being seriously considered in both the U.S. and Europe. This paper analyzes criticisms of data loyalty that argue that such duties are unnecessary, concluding that data loyalty represents a relational approach to data that allows us to deal substantively with the problem of platforms and human information at both systemic and individual levels. The paper argues that the concept of data loyalty has some surprising virtues, including checking power and limiting systemic abuse by data collectors.

• Smartphone Platforms as Privacy Regulators, by Joris van Hoboken, Vrije Universiteit Brussels, Institute for Information Law, University of Amsterdam; and Ronan Ó Fathaigh, Institute for Information Law, University of Amsterdam
  • In this paper, the authors look at the role of online platforms and their impact on data privacy in today’s digital economy. The paper first distinguishes the different roles that platforms can have in protecting privacy in online ecosystems, including governing access to data, design of relevant interfaces, and policing the behavior of the platform’s users. The authors then provide an argument as to what platforms’ role should be in legal frameworks. They advocate for a compromise between direct regulation of platforms and mere self-regulation, arguing that platforms should be required to make official disclosures about their privacy-related policies and practices for their respective ecosystems.

• Comparison of Various Compliance Points of Data Protection Laws in Ten Countries/Regions, by Jie Wang, W&W International Legal Team, Kinding Partners
  • China enacted the first codified personal information protection law in China in late 2021, the Personal Information Protection Law (PIPL). In this paper, Wang compares China’s PIPL with data protection laws in nine regions to assist overseas Internet companies and personnel who deal with personal information in better understanding the similarities and differences in data protection and compliance between each country and region.

• “Did you know this camera tracks your mood?”: Understanding Privacy Expectations and Preferences in the Age of Video Analytics, by Shikun Zhang, Carnegie Mellon University; Yuanyuan Feng, University of Vermont; Lujo Bauer, Carnegie Mellon University; Lorrie Faith Cranor, Carnegie Mellon University; Anupam Das, North Carolina State University; and Norman Sadeh, Carnegie Mellon University
  • Cameras are everywhere, and with the innovation of video analytics, there are questions being raised about how individuals should be notified that they are being recorded. This paper studied 123 individuals’ sentiments across 2,328 video analytics deployments scenarios to inform their conclusion. In their conclusion, the researchers advocate for the development of interfaces that simplify the task of managing notices and configuring controls, which would allow individuals to communicate their opt-in/opt-out preference to video analytics operators.

From the record number of nominated papers submitted this year, these six papers were selected by a diverse team of academics, advocates, and industry privacy professionals from FPF’s Advisory Board. The winning papers were selected based on the research and solutions that are relevant for policymakers and regulators in the U.S. and abroad.

In addition to the winning papers, FPF has selected two papers for Honorable Mention: Verification Dilemmas and the Promise of Zero-Knowledge Proofs by Kenneth Bamberger, University of California, Berkeley – School of Law; Ran Canetti, Boston University, Department of Computer Science, Boston University, Faculty of Computing and Data Science, Boston University, Center for Reliable Information Systems and Cybersecurity; Shafi Goldwasser, University of California, Berkeley – Simons Institute for the Theory of Computing; Rebecca Wexler, University of California, Berkeley – School of Law; and Evan Zimmerman, University of California, Berkeley – School of Law; and A Taxonomy of Police Technology’s Racial Inequity Problems by Laura Moy, Georgetown University Law Center.

FPF also selected a paper for the Student Paper Award, A Fait Accompli? An Empirical Study into the Absence of Consent to Third Party Tracking in Android Apps by Konrad Kollnig and Reuben Binns, University of Oxford; Pierre Dewitte, KU Leuven; Max van Kleek, Ge Wang, Daniel Omeiza, Helena Webb, and Nigel Shadbolt, University of Oxford. The Student Paper Award Honorable Mention was awarded to Yeji Kim, University of California, Berkeley – School of Law, for her paper, Virtual Reality Data and Its Privacy Regulatory Challenges: A Call to Move Beyond Text-Based Informed Consent.

The winning authors will join FPF staff to present their work at a virtual event with policymakers from around the world, academics, and industry privacy professionals. The event will be held on February 10, 2022, from 1:00 – 3:00 PM EST. The event is free and open to the general public. To register for the event, visit https://bit.ly/3qmJdL2.

Organizations must lead with privacy and ethics when researching and implementing neurotechnology: FPF and IBM Live event and report release

A New FPF and IBM Report and Live Event Explores Questions About Transparency, Consent, Security, and Accuracy of Data

The Future of Privacy Forum (FPF) and the IBM Policy Lab released recommendations for promoting privacy and mitigating risks associated with neurotechnology, specifically with brain-computer interface (BCI). The new report provides developers and policymakers with actionable ways this technology can be implemented while protecting the privacy and rights of its users.

“We have a prime opportunity now to implement strong privacy and human rights protections as brain-computer interfaces become more widely used,” said Jeremy Greenberg, Policy Counsel at the Future of Privacy Forum. “Among other uses, these technologies have tremendous potential to treat people with diseases and conditions like epilepsy or paralysis and make it easier for people with disabilities to communicate, but these benefits can only be fully realized if meaningful privacy and ethical safeguards are in place.”

Brain-computer interfaces are computer-based systems that are capable of directly recording, processing, analyzing, or modulating human brain activity. The sensitivity of data that BCIs collect and the capabilities of the technology raise concerns over consent, as well as the transparency, security, and accuracy of the data. The report offers a number of policy and technical solutions to mitigate the risks of BCIs and highlights their positive uses.

“Emerging innovations like neurotechnology hold great promise to transform healthcare, education, transportation, and more, but they need the right guardrails in place to protect individuals’ privacy,” said IBM Chief Privacy Officer Christina Montgomery. “Working together with the Future of Privacy Forum, the IBM Policy Lab is pleased to release a new framework to help policymakers and businesses navigate the future of neurotechnology while safeguarding human rights.”

FPF and IBM have outlined several key policy recommendations to mitigate the privacy risks associated with BCIs, including:

• Rethinking transparency, notice, terms of use, and consent frameworks to empower people around uses of their neurodata;
• Ensuring that BCI devices are not allowed for uses to influence decisions about individuals that have legal effects, livelihood effects, or similar significant impacts—such as assessing the truthfulness of statements in legal proceedings; inferring thoughts, emotions or psychological state, or personality attributes as part of hiring or school admissions decisions; or assessing individuals’ eligibility for legal benefits;
• Promoting an open and inclusive research ecosystem by encouraging the adoption of open standards for the collection and analysis of neurodata and the sharing of research data with appropriate safeguards in place.
• Policymakers and other BCI stakeholders should carefully evaluate how existing policy frameworks apply to neurotechnologies and identify potential areas where existing laws and regulations may be insufficient for the unique risks of neurotechnologies.

FPF and IBM have also included several technical recommendations for BCI devices, including:

• Providing hard on/off controls for users;
• Allowing users to manage the collection, use, and sharing of personal neurodata on devices and in companion apps;
• Offering heightened transparency and control for BCIs that send signals to the brain, rather than merely receive neurodata;
• Utilizing best practices for privacy and security to store and process neurodata and use privacy enhancing technologies where appropriate; and
• Encrypting sensitive personal neurodata in transit and at rest.

FPF-curated educational resources, policy & regulatory documents, academic papers, thought pieces, and technical analyses regarding brain-computer interfaces are available here.

Read FPF’s four-part series on Brain-Computer Interfaces (BCIs), providing an overview of the technology, use cases, privacy risks, and proposed recommendations for promoting privacy and mitigating risks associated with BCIs.

FPF Launches Asia-Pacific Region Office, Global Data Protection Expert Clarisse Girot Leads Team

The Future of Privacy Forum (FPF) has appointed Clarisse Girot, PhD, LLM, an expert on Asian and European privacy legislation, to lead its new FPF Asia-Pacific office based in Singapore as Director. This new office expands FPF’s international reach in Asia and complements FPF’s offices in the U.S., Europe, and Israel, as well as partnerships around the globe.
 
Dr. Clarisse Girot is a privacy professional with over twenty years of experience in the privacy and data protection fields. Since 2017, Clarisse has been leading the Asian Business Law Institute’s (ABLI) Data Privacy Project, focusing on the regulations on cross-border data transfers in 14 Asian jurisdictions. Prior to her time at ABLI, Clarisse served as the Counsellor to the President of the French Data Protection Authority (CNIL) and Chair of the Article 29 Working Party. She previously served as head of CNIL’s Department of European and International Affairs, where she sat on the Article 29 Working Party, the group of EU Data Protection Authorities, and was involved in major international cases in data protection and privacy.
 
“Clarisse is joining FPF at an important time for data protection in the Asia-Pacific region. The two most populous countries in the world, India, and China, are introducing general privacy laws, and established data protection jurisdictions, like Singapore, Japan, South Korea, and New Zealand, have recently updated their laws,” said FPF CEO Jules Polonetsky. “Her extensive knowledge of privacy law will provide vital insights for those interested in compliance with regional privacy frameworks and their evolution over time.”
 
FPF Asia-Pacific will focus on several priorities by the end of the year including hosting an event at this year’s Singapore Data Protection Week. The office will provide expertise in digital data flows and discuss emerging data protection issues in a way that is useful for regulators, policymakers, and legal professionals. Rajah & Tann Singapore LLP is supporting the work of the FPF Asia-Pacific office.
 
“The FPF global team will greatly benefit from the addition of Clarisse. She will advise FPF staff, advisory board members, and the public on the most significant privacy developments in the Asia-Pacific region, including data protection bills and cross-border data flows,” said Gabriela Zanfir-Fortuna, Director for Global Privacy at FPF. “Her past experience in both Asia and Europe gives her a unique ability to confront the most complex issues dealing with cross-border data protection.”
 
As over 140 countries have now enacted a privacy or data protection law, FPF continues to expand its international presence to help data protection experts grapple with the challenges of ensuring responsible uses of data. Following the appointment of Malavika Raghavan as Senior Fellow for India in 2020, the launch of the FPF Asia-Pacific office further expands FPF’s international reach.
 
Dr. Gabriela Zanfir-Fortuna leads FPF’s international efforts and works on global privacy developments and European data protection law and policy. The FPF Europe office is led by Dr. Rob van Eijk, who prior to joining FPF worked at the Dutch Data Protection Authority as Senior Supervision Officer and Technologist for nearly ten years. FPF has created thriving partnerships with leading privacy research organizations in the European Union, such as Dublin City University and the Brussels Privacy Hub of the Vrije Universiteit Brussel (VUB). FPF continues to serve as a leading voice in Europe on issues of international data flows, the ethics of AI, and emerging privacy issues. FPF Europe recently published a report comparing the regulatory strategy for 2021-2022 of 15 Data Protection Authorities to provide insights into the future of enforcement and regulatory action in the EU.
 
Outside of Europe, FPF has launched a variety of projects to advance tech policy leadership and scholarship in regions around the world, including Israel and Latin America. The work of the Israel Tech Policy Institute (ITPI), led by Managing Director Limor Shmerling Magazanik, includes publishing a report on AI Ethics in Government Services and organizing an OECD workshop with the Israeli Ministry of Health on access to health data for research.
 
In Latin America, FPF has partnered with the leading research association Data Privacy Brasil, provided in-depth analysis on Brazil’s LGPD privacy legislation and various data privacy cases decided in the Brazilian Supreme Court. FPF recently organized a panel during the CPDP LatAm Conference which explored the state of Latin American data protection laws alongside experts from Uber, the University of Brasilia, and the Interamerican Institute of Human Rights.
 

Read Dr. Girot’s Q&A on the FPF blog. Stay updated: Sign up for FPF Asia-Pacific email alerts.
 

FPF and Leading Health & Equity Organizations Issue Principles for Privacy & Equity in Digital Contact Tracing Technologies

With support from the Robert Wood Johnson Foundation, FPF engaged leaders within the privacy and equity communities to develop actionable guiding principles and a framework to help bolster the responsible implementation of digital contact tracing technologies (DCTT). Today, seven privacy, civil rights, and health equity organizations signed on to these guiding principles for organizations implementing DCTT.

“We learned early in our Privacy and Pandemics initiative that unresolved ethical, legal, social, and equity issues may challenge the responsible implementation of digital contact tracing technologies,” said Jules Polonetsky, CEO of the Future of Privacy Forum. “So we engaged leaders within the civil rights, health equity, and privacy communities to create a set of actionable principles to help guide organizations implementing digital contact tracing that respects individual rights.”

Contact tracing has long been used to monitor the spread of various infectious diseases. In light of COVID-19, governments and companies began deploying digital exposure notification using Bluetooth and geolocation data on mobile devices to boost contact tracing efforts and quickly identify individuals who may have been exposed to the virus. However, as DCTT begins to play an important role in public health, it is important to take necessary steps to ensure equity in access to DCTT and understand the societal risks and tradeoffs that might accompany its implementation today and in the future. Governance efforts that seek to better understand these risks will be better able to bolster public trust in DCTT technologies. 

“LGBT Tech is proud to have participated in the development of the Principles and Framework alongside FPF and other organizations. We are heartened to see that the focus of these principles is on historically underserved and under-resourced communities everywhere, like the LGBTQ+ community. We believe the Principles and Framework will help ensure that the needs and vulnerabilities of these populations are at the forefront during today’s pandemic and future pandemics.”

Carlos Gutierrez, Deputy Director, and General Counsel, LGBT Tech

“If we establish practices that protect individual privacy and equity, digital contact tracing technologies could play a pivotal role in tracking infectious diseases,” said Dr. Rachele Hendricks-Sturrup, Research Director at the Duke-Margolis Center for Health Policy. “These principles allow organizations implementing digital contact tracing to take ethical and responsible approaches to how their technology collects, tracks, and shares personal information.”

FPF, together with Dialogue on Diversity, the National Alliance Against Disparities in Patient Health (NADPH), BrightHive, and LGBT Tech, developed the principles, which advise organizations implementing DCTT to commit to the following actions:

Additional supporters of these principles include the Center for Democracy and Technology and Human Rights First.

To learn more and sign on to the DCTT Principles visit fpf.org/DCTT.

Support for this program was provided by the Robert Wood Johnson Foundation. The views expressed here do not necessarily reflect the views of the Foundation.

Navigating Preemption through the Lens of Existing State Privacy Laws

This post is the second of two posts on federal preemption and enforcement in United States federal privacy legislation. See Preemption in US Privacy Laws (June 14, 2021).

In drafting a federal baseline privacy law in the United States, lawmakers must decide to what extent the law will override state and local privacy laws. In a previous post, we discussed a survey of 12 existing federal privacy laws passed between 1968-2003, and the extent to which they are preemptive of similar state laws. 

Another way to approach the same question, however, is to examine the hundreds of existing state privacy laws currently on the books in the United States. Conversations around federal preemption inevitably focus on comprehensive laws like the California Consumer Privacy Act, or the Virginia Consumer Data Protection Act — but there are hundreds of other state privacy laws on the books that regulate commercial and government uses of data. 

In reviewing existing state laws, we find that they can be categorized usefully into: laws that complement heavily regulated sectors (such as health and finance); laws of general applicability; common law; laws governing state government activities (such as schools and law enforcement); comprehensive laws; longstanding or narrowly applicable privacy laws; and emerging sectoral laws (such as biometrics or drones regulations). As a resource, we recommend: Robert Ellis Smith, Compilation of State and Federal Privacy Laws (last supplemented in 2018). 

1. Heavily Regulated Sectoral Silos. Most federal proposals for a comprehensive privacy law would not supersede other existing federal laws that contain privacy requirements for businesses, such as the Health Insurance Portability and Accountability Act (HIPAA) or the Gramm-Leach-Bliley Act (GLBA). As a result, a new privacy law should probably not preempt state sectoral laws that: (1) supplement their federal counterparts and (2) were intentionally not preempted by those federal regimes. In many cases, robust compliance regimes have been built around federal and state parallel requirements, creating entrenched privacy expectations, privacy tools, and compliance practices for organizations (“lock in”).

2. Laws of General Applicability. All 50 states have laws barring unfair and deceptive commercial and trade practices (UDAP), as well as generally applicable laws against fraud, unconscionable contracts, and other consumer protections. In cases where violations involve the mis-use of personal information, such claims could be inadvertently preempted by a national privacy law.

3. State Common Law. Privacy claims have been evolving in US common law over the last hundred years, and claims vary from state to state. A federal privacy law might preempt (or not preempt) claims brought under theories of negligence, breach of contract, product liability, invasions of privacy, or other “privacy torts.”
4. State Laws Governing State Government Activities. In general, states retain the right to regulate their own government entities, and a commercial baseline privacy law is unlikely to affect such state privacy laws. These include, for example, state “mini Privacy Acts” applying to state government agencies’ collection of records, state privacy laws applicable to public schools and school districts, and state regulations involving law enforcement — such as government facial recognition bans.

5. Comprehensive or Non-Sectoral State Laws. Lawmakers considering the extent of federal preemption should take extra care to consider the effect on different aspects of omnibus or comprehensive consumer privacy laws, such as the California Consumer Privacy Act (CCPA), the Colorado Privacy Act, and the Virginia Consumer Data Protection Act. In addition, however, there are a number of other state privacy laws that can be considered “non-sectoral” because they apply broadly to businesses that collect or use personal information. These include, for example, CalOPPA (requiring commercial privacy policies), the California “Shine the Light” law (requiring disclosures from companies that share personal information for direct marketing), data breach notification laws, and data disposal laws.

6. Longstanding, Narrowly Applicable State Privacy Laws. Many states have relatively long-standing privacy statutes on the books that govern narrow use cases, such as: state laws governing library records, social media password laws, mugshot laws, anti-paparazzi laws, state laws governing audio surveillance between private parties, and laws governing digital assets of decedents. In many cases, such laws could be expressly preserved or incorporated into a federal law. 

7. Emerging Sectoral and Future-Looking Privacy Laws. New state laws have emerged in recent years in response to novel concerns, including for: biometric data; drones; connected and autonomous vehicles; the Internet of Things; data broker registration; and disclosure of intimate images. This trend is likely to continue, particularly in the absence of a federal law.

Congressional intent is the “ultimate touchstone” of preemption. Lawmakers should consider long-term effects on current and future state laws, including how they will be impacted by a preemption provision, as well as how they might be expressly preserved through a Savings Clause. In order to help build consensus, lawmakers should work with stakeholders and experts in the numerous categories of laws discussed above, to consider how they might be impacted by federal preemption.

ICYMI: Read the first blog in this series PREEMPTION IN US PRIVACY LAWS.

Manipulative Design: Defining Areas of Focus for Consumer Privacy

In consumer privacy, the phrase “dark patterns” is everywhere. Emerging from a wide range of technical and academic literature, it now appears in at least two US privacy laws: the California Privacy Rights Act and the Colorado Privacy Act (which, if signed by the Governor, will come into effect in 2025).

Under both laws, companies will be prohibited from using “dark patterns,” or “user interface[s] designed or manipulated with the substantial effect of subverting or impairing user autonomy, decision‐making, or choice,” to obtain user consent in certain situations–for example, for the collection of sensitive data.

When organizations give individuals choices, some forms of manipulation have long been barred by consumer protection laws, with the Federal Trade Commission and state Attorneys General prohibiting companies from deceiving or coercing consumers into taking actions they did not intend or striking bargains they did not want. But consumer protection law does not typically prohibit organizations from persuading consumers to make a particular choice. And it is often unclear where the lines fall between cajoling, persuading, pressuring, nagging, annoying, or bullying consumers. The California and Colorado laws seek to do more than merely bar deceptive practices; they prohibit design that “subverts or impairs user autonomy.”

What does it mean to subvert user autonomy, if a design does not already run afoul of traditional consumer protections law? Just as in the physical world, the design of digital platforms and services always influences behavior — what to pay attention to, what to read and in what order, how much time to spend, what to buy, and so on. To paraphrase Harry Brignull (credited with coining the term), not everything “annoying” can be a dark pattern. Some examples of dark patterns are both clear and harmful, such as a design that tricks users into making recurring payments, or a service that offers a “free trial” and then makes it difficult or impossible to cancel. In other cases, the presence of “nudging” may be clear, but harms may be less clear, such as in beta-testing what color shades are most effective at encouraging sales. Still others fall in a legal grey area: for example, is it ever appropriate for a company to repeatedly “nag” users to make a choice that benefits the company, with little or no accompanying benefit to the user?

In Fall 2021, Future of Privacy Forum will host a series of workshops with technical, academic, and legal experts to help define clear areas of focus for consumer privacy, and guidance for policymakers and legislators. These workshops will feature experts on manipulative design in at least three contexts of consumer privacy: (1) Youth & Education; (2) Online Advertising and US Law; and (3) GDPR and European Law. 

As lawmakers address this issue, we identify at least four distinct areas of concern:

• Designs that cause concrete physical or financial harms to individuals. In some cases, design choices are implicated in concrete physical or financial harms. This might include, for example, a design that tricks users into making recurring payments, or makes unsubscribing from a free trial or other paid service difficult or impossible, leading to unwanted charges.

• Designs that impact individual autonomy or dignity (but do not necessarily cause concrete physical or financial harm). In many cases, we observe concerns over autonomy and dignity, even where the use of data would not necessarily cause harm. For the same reasons that there is wide agreement that so-called subliminal messaging in advertising is wrong (as well as illegal), there is a growing awareness that disrespect for user autonomy in consumer privacy is objectionable on its face. As a result, in cases where the law requires consent, such as in the European Union for placement of information onto a user’s device, the law ought to provide a remedy for individuals who have been subject to a violation of that consent.

• Designs that persuade, nag, or strongly push users towards a particular outcome, even where it may be possible for users to decline. In many cases, the design of a digital platform or service clearly pushes users towards a particular outcome, even if it is possible (if burdensome) for users to make a different choice. In such cases, we observe a wide spectrum of tactics that may be evaluated differently depending on the viewer and the context. Repeated requests may be considered “nagging” or “persuasion”; one person’s “clever marketing,” taken too far, becomes another person’s “guilt-shaming” or “confirm-shaming.” Ultimately, our preference for defaults (“opt in” versus “opt out”), and within those defaults, our level of tolerance for “nudging,” may be driven by the social benefits or values attached to the choice itself.

• Designs that exploit biases, vulnerabilities, or heuristics in ways that implicate broader societal harms or values. Finally, we observe that the collection and use of personal information does not always solely impact individual decision-making. Often, the design of online platforms can influence groups in ways that impact societal values, such as the values of privacy, avoidance of “tech addiction,” free speech, the availability of data from or about marginalized groups, or the proliferation of unfair price discrimination or other market manipulation. Understanding how design choices may influence society, even if individuals are minimally impacted, may require examining the issues differently.

This week at the first edition of the annual Dublin Privacy Symposium, FPF will join other experts to discuss principles for transparency and trust. The design of user interfaces for digital products and services pervades modern life and directly impacts the choices people make with respect to sharing their personal information. 

India’s new Intermediary & Digital Media Rules: Expanding the Boundaries of Executive Power in Digital Regulation

Author: Malavika Raghavan

India’s new rules on intermediary liability and regulation of publishers of digital content have generated significant debate since their release in February 2021. The Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (the Rules) have:

• recast the conditions to obtain ‘safe harbour’ from liability for online intermediaries, and 
• unveiled an extensive regulatory regime for a newly defined category of online ‘publishers’, which includes digital news media and Over-The-Top (OTT) services.

The majority of these provisions were unanticipated, resulting in a raft of petitions filed in High Courts across the country challenging the validity of the various aspects of the Rules, including with regard to their constitutionality. On 25 May 2021, the three month compliance period on some new requirements for significant social media intermediaries (so designated by the Rules) expired, without many intermediaries being in compliance opening them up to liability under the Information Technology Act as well as wider civil and criminal laws. This has reignited debates about the impact of the Rules on business continuity and liability, citizens’ access to online services, privacy and security. 

Following on FPF’s previous blog highlighting some aspects of these Rules, this article presents an overview of the Rules before deep-diving into critical issues regarding their interpretation and application in India. It concludes by taking stock of some of the emerging effects of these new regulations, which have major implications for millions of Indian users, as well as digital services providers serving the Indian market. 

1. Brief overview of the Rules: Two new regimes for ‘intermediaries’ and ‘publishers’ 

The new Rules create two regimes for two different categories of entities: ‘intermediaries’ and ‘publishers’.  Intermediaries have been the subject of prior regulations – the Information Technology (Intermediaries guidelines) Rules, 2011 (the 2011 Rules), now superseded by these Rules. However, the category of “publishers” and related regime created by these Rules did not previously exist. 

The Rules begin with commencement provisions and definitions in Part I. Part II of the Rules apply to intermediaries (as defined in the Information Technology Act 2000 (IT Act)) who transmit electronic records on behalf of others, and includes online intermediary platforms (like Youtube, Whatsapp, Facebook). The rules in this part primarily flesh out the protections offered in Section 79 of India’s Information Technology Act 2000 (IT Act), which give passive intermediaries the benefit of a ‘safe harbour’ from liability for objectionable information shared by third parties using their services — somewhat akin to protections under section 230 of the US Communications Decency Act.  To claim this protection from liability, intermediaries need to undertake certain ‘due diligence’ measures, including informing users of the types of content that could not be shared, and content take-down procedures (for which safeguards evolved overtime through important case law). The new Rules supersede the 2011 Rules and also significantly expand on them, introducing new provisions and additional due diligence requirements that are detailed further in this blog. 

Part III of the Rules apply to a new previously non-existent category of entities designated to be ‘publishers‘. This is further classified into subcategories of ‘publishers of news and current affairs content’ and ‘publishers of online curated content’. Part III then sets up extensive requirements for publishers to adhere to specific codes of ethics, onerous content take-down requirements and three-tier grievance process with appeals lying to an Executive Inter-Departmental Committee of Central Government bureaucrats. 

Finally, the Rules contain two provisions that apply to all entities (i.e. intermediaries and publishers) relating to content-blocking orders. They lay out a new process by which Central Government officials can issue directions to delete, modify or block content to intermediaries and publishers, either following a grievance process (Rule 15) or including procedures of “emergency” blocking orders which may be passed ex-parte. These Rules stem from powers to issue directions to intermediaries to block public access of any information through any computer resource (Section 69A of the IT Act). Interestingly, these provisions have been introduced separately from the existing rules for blocking purposes called the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009. 

2. Key issues for intermediaries under the Rules

2.1 A new class of ‘social media intermediaries‘

The term ‘intermediary’ is a broadly defined term in the IT Act covering a range of entities involved in the transmission of electronic records. The Rules introduce two new sub-categories, being:

• “social media intermediary” defined (in Rule 2(w)) as one who “primarily or solely enables online interaction between two or more users and allows them” to exchange information; and
• “significant social media intermediary” (SSMI) comprising social media intermediaries with more than five million registered users in India (following this Government notification of the threshold). 

Given that a popular messaging app like Whatsapp has over 400 million users in India, the threshold appears to be fairly conservative. The Government may order any intermediary to comply with the same obligations as SSMIs (under Rule 6) if their services are adjudged to pose a risk of harm to national security, the sovereignty and integrity of India, India’s foreign relations or to public order.  

SSMIs have to follow substantially more onerous “additional due diligence” requirements to claim the intermediary safe harbour (including mandatory traceability of message originators, and proactive automated screening as discussed below). These new requirements raise privacy concerns and data security concerns, as they extend beyond the traditional ideas of platform  “due diligence”, they potentially expose content of private communications and in doing so create new privacy risks for users in India.    

2.2 Additional requirements for SSMIS: resident employees, mandated message traceability, automated content screening 

Extensive new requirements are set out in the new Rule 4 for SSMIs. 

• In-country employees: SSMIs must appoint in-country employees as (1) Chief Compliance Officer, (2) a nodal contact person for 24×7 coordination with law enforcement agencies and (3) a Resident Grievance Officer specifically responsible for overseeing the internal grievance redress mechanism. Monthly reporting of complaints management is also mandated. 

• Traceability requirements for SSMIs providing messaging services: Among the most controversial requirements is Rule 4(2) which requires SSMIs providing messaging services to enable the identification of the “first originator” of information on their platforms as required by Government or court orders. This tracing and identification of users is considered incompatible with end-to-end encryption technology employed by messaging applications like Whatsapp and Signal. In their legal challenge to this Rule, Whatsapp has noted that end-to-end encrypted platforms would need to be re-engineered to identify all users since there is no way to predict which user will be the subject of an order seeking first originator information. 

Provisions to mandate modifications to the technical design of encrypted platforms to enable traceability seem to go beyond merely requiring intermediary due diligence. Instead they appear to draw on separate Government powers relating to interception and decryption of information (under Section 69 of the IT Act). In addition, separate stand-alone rules laying out procedures and safeguards for such interception and decryption orders already exist in the Information Technology (Procedure and Safeguards for Interception, Monitoring and Decryption of Information) Rules, 2009. Rule 4(2) even acknowledges these provisions–raising the question of whether these Rules (relating to intermediaries and their safe harbours) can be used to expand the scope of section 69 or rules thereunder. 

Proceedings initiated by Whatsapp LLC in the Delhi High Court, and Free and Open Source Software (FOSS) developer Praveen Arimbrathodiyil in the Kerala High Court have both challenged the legality and validity of Rule 4(2) on grounds including that they are ultra vires and go beyond the scope of their parent statutory provisions (s. 79 and 69A) and the intent of the IT Act itself. Substantively, the provision is also challenged on the basis that it would violate users’ fundamental rights including the right to privacy, and the right to free speech and expression due to the chilling effect that the stripping back of encryption will have.

• Automated content screening: Rule 4(4) mandates that SSMIs must employ technology-based measures including automated tools to proactively identify information depicting (i) rape, child sexual abuse or conduct, or (ii) any information previousy removed following a Government or court order. The latter category is very expansive and allows content take-downs for a broad range of reasons including defamatory or pornographic content, to IP infringements, to content threatening national security or public order (as set out in Rule 3(1)(d)).  

Though the objective of the provision is laudable (i.e. to limit the circulation of violent or previously removed content), the move towards proactive automated monitoring has raised serious concerns regarding censorship on social media platforms. Rule 4(4) appears to acknowledge the deep tensions that this requirement raises with privacy and free speech concerns, as seen by the provisions that require these screening measures to be proportionate to the free speech and privacy of users, to be subject to human oversight, and reviews of automated tools to assess fairness, accuracy, propensity for bias or discrimination, and impact on privacy and security. However, given the vagueness of this wording compared to the trade-off of losing intermediary immunity, scholars and commentators are noting the obvious potential for ‘over-compliance’ and excessive screening out of content. Many (including the petitioner in the Praveen Arimbrathodiyil matter) have also noted that automated filters are not sophisticated enough to differentiate between violent unlawful images and legitimate journalistic material. The concern is that such measures could create a large-scale screening out of ‘valid’ speech and expression, with serious consequences for constitutional rights to free speech and expression which also protect ‘the rights of individuals to listen, read and receive the said speech‘ (Tata Press Ltd v. Mahanagar Telephone Nigam Ltd, (1995) 5 SCC 139). 

• Tighter timelines for grievance redress, content take down and information sharing with law enforcement: Rule 3 includes enhanced requirements to serve privacy policies and user agreements outlining the terms of use, including annual reminders of these terms and any modifications and of the intermediaries’ right to terminate the user’s access for using the service in contravention of these terms. The Rule also has enhanced grievance redress processes for intermediaries, by expanding these requirements to mandate that the complaints system acknowledge complaints within 24 hours, and dispose of them in 15 days. In the case of certain categories of complaints (where a person complains of inappropriate images or impersonations of them being circulated), the removal of access to the material is mandated within 24 hours based on a prima facie assessment. 

Such requirements appear to be aimed at creating more user-friendly networks of intermediaries. However, the imposition of a single set of requirements is especially onerous for smaller or volunteer-run intermediary platforms which may not have income streams or staff to provide for such a mechanism. Indeed, the petition in the Praveen Arimbrathodiyil matter has challenged certain of these requirements as being a threat to the future of the volunteer-led Free and Open Source Software (FOSS) movement in India, by placing similar requirements on small FOSS initiatives as on large proprietary Big Tech intermediaries.  

Other obligations that stipulate turn-around times for intermediaries include (i) a requirement to remove or disable access to content within 36 hours of receipt of a Government or court order relating the unlawful information on the intermediary’s computer resources (under Rule 3(1)(d)) and (ii) to provide information within 72 hours of receiving an order from a authorised Government agency undertaking investigative activity (under Rule 3(1)(j). 

Similar to the concerns with automated screening, there are concerns that the new grievance process could lead to private entities becoming the arbiters of appropriate content/ free speech — a position that was specifically reversed in a seminal 2015 Supreme Court decision that clarified that a Government or Court order was needed for content-takedowns.  

3. Key issues for the new ‘publishers’ subject to the Rules, including OTT players

3.1 New Codes of Ethics and three-tier redress and oversight system for digital news media and OTT players 

Digital news media and OTT players have been designated as ‘publishers of news and current affairs content’ and ‘publishers of online curated content’ respectively in Part III of the Rules. Each category has been then subjected to separate Codes of Ethics. In the case of digital news media, the Codes applicable to the newspapers and cable television have been applied. For OTT players, the Appendix sets out principles regarding content that can be created and display classifications. To enforce these codes and to address grievances from the public on their content, publishers are now mandated to set up a grievance system which will be the first tier of a three-tier “appellate” system culminating in an oversight mechanism by the Central Government with extensive powers of sanction.  

At least five legal challenges have been filed in various High Courts challenging the competence and authority of the Ministry of Electronics & Information Technology (MeitY) to pass the Rules and their validity namely (i) in the Kerala High Court, LiveLaw Media Private Limited vs Union of India WP(C) 6272/2021; in the Delhi High Court, three petitions tagged together being (ii) Foundation for Independent Journalism vs Union of India WP(C) 3125/2021, (iii) Quint Digital Media Limited vs Union of India WP(C)11097/2021, and (iv) Sanjay Kumar Singh vs Union of India and others WP(C) 3483/2021, and (v) in the Karnataka High Court, Truth Pro Foundation of India vs Union of India and others, W.P. 6491/2021. This is in addition to a fresh petition filed on 10 June 2021, in TM Krishna vs Union of India that is challenging the entirety of the Rules (both Part II and III) on the basis that they violate rights of free speech (in Article 19 of the Constitution), privacy (including in Article 21 of the Constitution) and that it fails the test of arbitrariness (under Article 14) as it is manifestly arbitrary and falls foul of principles of delegation of powers. 

Some of the key issues emerging from these Rules in Part III and the challenges to them are highlighted below. 

3.2 Lack of legal authority and competence to create these Rules

There has been substantial debate on the lack of clarity regarding the legal authority of the Ministry of Electronics & Information Technology (MeitY) under the IT Act. These concerns arise at various levels. 

• Authority and competence to regulate ‘publishers’ of original content is unclear: The definition of ‘intermediary’ in the IT Act does not extend to cover types of entities defined to be publishers. The Rules themselves acknowledge that ‘publishers’ are a new category of regulated entity created by the Rules, as opposed to a sub-category of intermediaries. Further, the commencement of the Rules also confirm that they are passed under statutory provisions in the IT Act related to intermediary regulation.  It is a well established principle that subordinate rules cannot go beyond the object and scope of parent statutory provisions (Ajoy Kumar Banerjee v Union of India (1984) 3 SCC 127). Consequently, the authority of MeitY to regulate entities that create original content – like online news sources and OTT platforms – remains unclear at best.

• Ability to extend substantive provisions in other statutes through the Rules: The Rules apply two codes of conduct to digital publishers of news and current affairs content, namely (i) the Norms of Journalistic Conduct of the Press Council of India under the Press Council Act, 1978; (ii) Programme Code under section 5 of the Cable Television Networks Regulation) Act, 1995. Many, including petitioners in the LiveLaw matter have noted that the power to make Rules under the IT Act’s s 87 cannot be used to extend or expand requirements under other statutes and their subordinate rules. To bring digital news media or OTT players into existing regulatory regimes for the Press and television broadcasting, amendments to those regimes will be required led by the Ministry of Information and Broadcasting. 

• Validity of three-tier ‘quasi-judicial’ adjudicatory mechanism, with final appeal to Committee of solely executive functionaries: Rules 11 – 14 create a three-tier grievance and oversight system which can be used by any person with a grievance against content published by any publisher. Under this model, any person having a grievance with any material published by a publisher can complain through the publisher’s redress process. If any grievance is not satisfactorily dealt with by the publisher entity (Level I) in 15 days, it will be escalated to the self regulatory body of which the publisher is a member (Level II) which must also provide a decision to the complainant within 15 days. If the complainant is unsatisfied, they may appeal to the Oversight Mechanism (in Level III). This can be appreciated as an attempt to create feedback loops that can minimise the spread of misleading or incendiary media, disinformation etc through a more effective grievance mechanism. The structure and design of the three-tier structure have however raised specific concerns. 

First, there is a concern that Level I & II result in a privatisation of adjudications relating to free speech and expression of creative content producers – which would otherwise be litigated in Courts and Tribunals as matters of free speech. As noted by many (including the LiveLaw petition at page 33), this could have the effect of overturning judicial precedent in Shreya Singhal v. Union of India ((2013) 12 S.C.C. 73) that specifically read down s 79 of the IT Act  to avoid a situation where private entities were the arbiters determining the legitimacy of takedown orders.  Second, despite referring to “self-regulation” this system is subject to executive oversight (unlike the existing models for offline newspapers and broadcasting).

The Inter-Departmental Committee is entirely composed of Central Government bureaucrats, and it may review complaints through the three-tier system or referred directly by the Ministry following which it can deploy a range of sanctions from warnings, to mandating apologies, to deleting, modifying or blocking content. This also raises the question of whether this Committee meets the legal requirements for any administrative body undertaking a ‘quasi-judicial’ function, especially one that may adjudicate on matters of rights relating to free speech and privacy. Finally, while the objective of creating some standards and codes for such content creators may be laudable it is unclear whether such an extensive oversight mechanism with powers of sanction on online publishers can be validly created under the rubric of intermediary liability provisions.  

4. New powers to delete, modify or block information for public access 

As described at the start of this blog, the Rules add new powers for the deletion, modification and blocking of content from intermediaries and publishers. While section 69A of the IT Act (and Rules thereunder) do include blocking powers for Government, they only exist vis a vis intermediaries. Rule 15 also expands this power to ‘publishers’. It also provides a new avenue for such orders to intermediaries, outside of the existing rules for blocking information under the Information Technology (Procedure and Safeguards for Blocking for Access of Information by Public) Rules, 2009. 

More grave concerns arise from Rule 16 which allows for the passing of emergency orders for blocking information, including without giving an opportunity of hearing for publishers or intermediaries. There is a provision for such an order to be reviewed by the Inter-Departmental Committee within 2 days of its issue. 

Both Rule 15 and 16 apply to all entities contemplated in the Rules. Accordingly, they greatly expand executive power and oversight over digital media services in India, including social media, digital news media and OTT on-demand services. 

5. Conclusions and future implications

The new Rules in India have opened up deep questions for online intermediaries and providers of digital media services serving the Indian market. 

For intermediaries, this creates a difficult and even existential choice: the requirements, (especially relating to traceability and automated screening) appear to set an improbably high bar given the reality of their technical systems. However, failure to comply will result in not only the loss of a safe harbour from liability — but as seen in new Rule 7, also opens them up to punishment under the IT Act and criminal law in India. 

For digital news and OTT players, the consequences of non-compliance and the level of enforcement remain to be understood, especially given open questions regarding the validity of legal basis to create these rules. Given the numerous petitions filed against these Rules, there is also substantial uncertainty now regarding the future although the Rules themselves have the full force of law at present. 

Overall, it does appear that attempts to create a ‘digital media’ watchdog would be better dealt with in a standalone legislation, potentially sponsored by the Ministry of Information and Broadcasting (MIB) which has the traditional remit over such areas. Indeed, the administration of Part III of the Rules has been delegated by MeitY to MIB pointing to the genuine split in competence between these Ministries.  

Finally, the potential overlaps with India’s proposed Personal Data Protection Bill (if passed) also create tensions in the future. It remains to be seen if the provisions on traceability will survive the test of constitutional validity set out in India’s privacy judgement (Justice K.S. Puttaswamy v. Union of India, (2017) 10 SCC 1). Irrespective of this determination, the Rules appear to have some dissonance with the data retention and data minimisation requirements seen in the last draft of the Personal Data Protection Bill, not to mention other obligations relating to Privacy by Design and data security safeguards. Interestingly, despite the Bill’s release in December 2019, a definition for ‘social media intermediary’ that it included in an explanatory clause to its section 26(4) closely track the definition in Rule 2(w), but also departs from it by carving out certain intermediaries from the definition. This is already resulting in moves such as Google’s plea on 2 June 2021 in the Delhi High Court asking for protection from being declared a social media intermediary. 

These new Rules have exhumed the inherent tensions that exist within the realm of digital regulation between goals of the freedom of speech and expression, and the right to privacy and competing governance objectives of law enforcement (such as limiting the circulation of violent, harmful or criminal content online) and national security. The ultimate legal effect of these Rules will be determined as much by the outcome of the various petitions challenging their validity, as by the enforcement challenges raised by casting such a wide net that covers millions of users and thousands of entities, who are all engaged in creating India’s growing digital public sphere.

Photo credit: Gerd Altmann from Pixabay

Read more Global Privacy thought leadership:

South Korea: The First Case where the Personal Information Protection Act was Applied to an AI System

China: New Draft Car Privacy and Security Regulation is Open for Public Consultation

A New Era for Japanese Data Protection: 2020 Amendments to the APPI

New FPF Report Highlights Privacy Tech Sector Evolving from Compliance Tools to Platforms for Risk Management and Data Utilization

As we enter the third phase of development of the privacy tech market, purchasers are demanding more integrated solutions, product offerings are more comprehensive, and startup valuations are higher than ever, according to a new report from the Future of Privacy Forum and Privacy Tech Alliance. These factors are leading to companies providing a wider range of services, acting as risk management platforms, and focusing on support of business outcomes.

“The privacy tech sector is at an inflection point, as its offerings have expanded beyond assisting with regulatory compliance,” said FPF CEO Jules Polonetsky. “Increasingly, companies want privacy tech to help businesses maximize the utility of data while managing ethics and data protection compliance.”

According to the report, “Privacy Tech’s Third Generation: A Review of the Emerging Privacy Tech Sector,” regulations are often the biggest driver for buyers’ initial privacy tech purchases. Organizations also are deploying tools to mitigate potential harms from the use of data. However, buyers serving global markets increasingly need privacy tech that offers data availability and control and supports its utility, in addition to regulatory compliance. 

The report finds the COVID-19 pandemic has accelerated global marketplace adoption of privacy tech as dependence on digital technologies grows. Privacy is becoming a competitive differentiator in some sectors, and TechCrunch reports that 200+ privacy startups have together raised more than $3.5 billion over hundreds of individual rounds of funding. 

“The customers buying privacy-enhancing tech used to be primarily Chief Privacy Officers,” said report lead author Tim Sparapani. “Now it’s also Chief Marketing Officers, Chief Data Scientists, and Strategy Officers who value the insights they can glean from de-identified customer data.”

The report highlights five trends in the privacy enhancing tech market:

• Buyers desire “enterprise-wide solutions.”
• Buyers favor integrated technologies.
• Some vendors are moving to either collaborate and integrate or provide fully integrated solutions themselves.
• Data is the enterprise asset.
• Jurisdiction impacts a shared vernacular problem.

The report also draws seven implications for competition in the market:

• Buyers favor integrated solutions over one-off solutions.
• Collaborations, partners, cross-selling, and joint ventures between privacy tech vendors are increasing to provide buyers integrated suites of services and to attract additional market share.
• Private equity and private equity-backed companies will continue their “roll-up” strategies of buying niche providers to build a package of companies to provide the integrated solutions buyers favor.
• Venture capital will continue funding the privacy tech sector, though not every seller has the same level of success fundraising.
• Big companies may acquire strategically valuable, niche players.
• Small startups may struggle to gain market traction absent a truly novel or superb solution.
• Buyers will face challenges in future-proofing their privacy strategies.

The report makes a series of recommendations, including that the industry define as a priority a common vernacular for privacy tech; set standards for technologies in the “privacy stack” such as differential privacy, homomorphic encryption, and federated learning; and explore the needs of companies for privacy tech based upon their size, sector, and structure. It calls on vendors to recognize the need to provide adequate support to customers to increase uptake and speed time from contract signing to successful integration.

The Future of Privacy Forum launched the Privacy Tech Alliance (PTA) as a global initiative with a mission to define, enhance and promote the market for privacy technologies. The PTA brings together innovators in privacy tech with customers and key stakeholders.

Members of the PTA Advisory Board, which includes Anonos, BigID, D-ID, Duality, Ethyca, Immuta, OneTrust, Privacy Analytics, Privitar, SAP, Truata, TrustArc, Wirewheel, and ZL Tech, have formed a working group to address impediments to growth identified in the report. The PTA working group will define a common vernacular and typology for privacy tech as a priority project with chief privacy officers and other industry leaders who are members of FPF. Other work will seek to develop common definitions and standards for privacy-enhancing technologies such as differential privacy, homomorphic encryption, and federated learning and identify emerging trends for venture capitalists and other equity investors in this space. Privacy Tech companies can apply to join the PTA by emailing [email protected].

---

Perspectives on the Privacy Tech Market

Quotes from Members of the Privacy Tech Alliance Advisory Board on the Release of the “Privacy Tech’s Third Generation” Report

The right to be forgotten is not compatible with the Brazilian Constitution. Or is it?

Author: Dr. Luca Belli

Dr. Luca Belli is Professor at FGV Law School, Rio de Janeiro, where he leads the CyberBRICS Project and the Latin American edition of the Computers, Privacy and Data Protection (CPDP) conference. The opinions expressed in his articles are strictly personal. The author can be contacted at [email protected].

The Brazilian Supreme Federal Court, or “STF” in its Brazilian acronym, recently took a landmark decision concerning the right to be forgotten (RTBF), finding that it is incompatible with the Brazilian Constitution. This attracted international attention to Brazil for a topic quite distant than the sadly frequent environmental, health, and political crises.

Readers should be warned that while reading this piece they might experience disappointment, perhaps even frustration, then renewed interest and curiosity and finally – and hopefully – an increased open-mindedness, understanding a new facet of the RTBF debate, and how this is playing out at constitutional level in Brazil.

This might happen because although the STF relies on the “RTBF” label, the content behind such label is quite different from what one might expect after following the same debate in Europe. From a comparative law perspective, this landmark judgment tellingly shows how similar constitutional rights play out in different legal cultures and may lead to heterogeneous outcomes based on the constitutional frameworks of reference.   

How it started: insolvency seasoned with personal data

As it is well-known, the first global debate on what it means to be “forgotten” in the digital environment arose in Europe, thanks to Mario Costeja Gonzalez, a Spaniard who, paradoxically, will never be forgotten by anyone due to his key role in the construction of the RTBF.

Costeja famously requested to deindex from Google Search information about himself that he considered to be no longer relevant. Indeed, when anyone “googled” his name, the search engine provided as the top results some link to articles reporting Costeja’s past insolvency as a debtor. Costeja argued that, despite having been convicted for insolvency, he had already paid his debt with Justice and society many years before and it was therefore unfair that his name would continue to be associated ad aeternum with a mistake he made in the past.

The follow up is well known in data protection circles. The case reached the Court of Justice of the European Union (CJEU), which, in its landmark Google Spain Judgment (C-131/12), established that search engines shall be considered as data controllers and, therefore, they have an obligation to de-index information that is inappropriate, excessive, not relevant, or no longer relevant, when a data subject to whom such data refer requests it. Such an obligation was a consequence of Article 12.b of Directive 95/46 on the protection of personal data, a pre-GDPR provision that set the basis for the European conception of the RTBF, providing for the “rectification, erasure or blocking of data the processing of which does not comply with the provisions of [the] Directive, in particular because of the incomplete or inaccurate nature of the data.”

The indirect consequence of this historic decision, and the debate it generated, is that we have all come to consider the RTBF in the terms set by the CJEU. However, what is essential to emphasize is that the CJEU approach is only one possible conception and, importantly, it was possible because of the specific characteristics of the EU legal and institutional framework. We have come to think that RTBF means the establishment of a mechanism like the one resulting from the Google Spain case, but this is the result of a particular conception of the RTBF and of how this particular conception should – or could – be implemented.

The fact that the RTBF has been predominantly analyzed and discussed through the European lenses does not mean that this is the only possible perspective, nor that this approach is necessary the best. In fact, the Brazilian conception of the RTBF is remarkably different from a conceptual, constitutional, and institutional standpoint. The main concern of the Brazilian RTBF is not how a data controller might process personal data (this is the part where frustration and disappointment might likely arise in the reader) but the STF itself leaves the door open to such possibility (this is the point where renewed interest and curiosity may arise).

The Brazilian conception of the right to be forgotten

Although the RTBF has acquired a fundamental relevance in digital policy circles, it is important to emphasize that, until recently, Brazilian jurisprudence had mainly focused on the juridical need for “forgetting” only in the analogue sphere. Indeed, before the CJEU Google Spain decision, the Brazilian Supreme Court of Justice or “STJ” – the other Brazilian Supreme Court that deals with the interpretation of the Law, differently from the previously mentioned STF, which deals with the interpretation of constitutional matters – had already considered the RTBF as a right not to be remembered, affirmed by the individual vis-à-vis traditional media outlets.

This interpretation first emerged in the “Candelaria massacre” case, a gloomy page of Brazilian history, featuring a multiple homicide perpetrated in 1993 in front of the Candelaria Church, a beautiful colonial Baroque building in Rio de Janeiro’s downtown. The gravity and the particularly picturesque stage of the massacre led Globo TV, a leading Brazilian broadcaster, to feature the massacre in a TV show called Linha Direta. Importantly, the show included in the narration some details about a man suspected of being one of the perpetrators of the massacre but later discharged.

Understandably, the man filed a complaint arguing that the inclusion of his personal information in the TV show was causing him severe emotional distress, while also reviving suspects against him, for a crime he had already been discharged of many years before. In September 2013, further to Special Appeal No. 1,334,097, the STJ agreed with the plaintiff establishing the man’s “right not to be remembered against his will, specifically with regard to discrediting facts.” This is how the RTBF was born in Brazil.

Importantly for our present discussion, this interpretation is not born out of digital technology and does not impinge upon the delisting of specific type of information as results of search engine queries. In Brazilian jurisprudence the RTBF has been conceived as a general right to effectively limit the publication of certain information. The man included in the Globo reportage had been discharged many years before, hence he had a right to be “let alone,” as Warren and Brandeis would argue, and not to be remembered for something he had not even committed. The STJ, therefore, constructed its vision of the RTBF, based on article 5.X of the Brazilian Constitution, enshrining the fundamental right to intimacy and preservation of image, two fundamental features of privacy. 

Hence, although they utilize the same label, the STJ and CJEU conceptualize two remarkably different rights, when they refer to the RTBF. While both conceptions aim at limiting access to specific types of personal information, the Brazilian conception differs from the EU one on at least three different levels.

First, their constitutional foundations. While both conceptions are intimately intertwined with individuals’ informational self-determination, the STJ built the RTBF based on the protection of privacy, honour and image, whereas the CJEU built it upon the fundamental right to data protection, which in the EU framework is a standalone fundamental right. Conspicuously, in the Brazilian constitutional framework an explicit right to data protection did not exist at the time of the Candelaria case and only since 2020 it has been in the process of being recognized. 

Secondly, and consequently, the original goal of the Brazilian conception of the RTBF was not to regulate how a controller should process personal data but rather to protect the private sphere of the individual. In this perspective, the goal of STJ was not – and could not have been – to regulate the deindexation of specific incorrect or outdated information, but rather to regulate the deletion of “discrediting facts” so that the private life, honour and image of any individual might be illegitimately violated.

Finally, yet extremely importantly, the fact that, at the time of the decision, an institutional framework dedicated to data protection was simply absent in Brazil did not allow the STJ to have the same leeway of the CJEU. The EU Justices enjoyed the privilege of delegating to search engine the implementation of the RTBF because, such implementation would have received guidance and would have been subject to the review of a well-consolidated system of European Data Protection Authorities. At the EU level, DPAs are expected to guarantee a harmonious and consistent interpretation and application of data protection law. At the Brazilian level, a DPA has just been established in late 2020 and announced its first regulatory agenda only in late January 2021.

This latter point is far from trivial and, in the opinion of this author, an essential preoccupation that might have driven the subsequent RTBF conceptualization of the STJ.

The stress-test

The soundness of the Brazilian definition of the RTBF, however, was going to be tested again by the STJ, in the context of another grim and unfortunate page of Brazilian story, the Aida Curi case. This case originated with the sexual assault and subsequent homicide of the young Aida Curi, in Copacabana, Rio de Janeiro, on the evening of 14 July 1958. At the time the case crystallized considerable media attention, not only because of its mysterious circumstances and the young age of the victim, but also because the sexual assault perpetrators tried to dissimulate it by throwing the body of the victim from the rooftop of a very high building on the Avenida Atlantica, the fancy avenue right in front of the Copacabana beach.

Needless to say, Globo TV considered the case as a perfect story for yet another Linha Direta episode. Aida Curi’s relatives, far from enjoying the TV show, sued the broadcaster for moral damages and demanded the full enjoyment of their RTBF – in the Brazilian conception, of course. According to the plaintiffs, it was indeed not conceivable that, almost 50 years after the murder, Globo TV could publicly broadcast personal information about the victim – and her family – including the victim’s name and address, in addition to unauthorized images, thus bringing back a long-closed and extremely traumatic set of events.

The brothers of Aida Curi claimed reparation against Rede Globo, but the STJ, decided that the time passed was enough to mitigate the effects of anguish and pain on the dignity of Aida Curi’s relatives, while arguing that it was impossible to report the events without mentioning the victim. This decision was appealed by Ms Curi’s family members, who demanded by means of Extraordinary Appeal No. 1,010,606, that STF recognized “their right to forget the tragedy.” It is interesting to note that the way the demand is constructed in this Appeal exemplifies tellingly the Brazilian conception of “forgetting” as erasure and prohibition from divulgation.

At this point, the STF identified in the Appeal the interest of debating the issue “with general repercussion” which is a peculiar judicial process that the Court can utilize when recognizes that a given case has particular relevance and transcendence for the Brazilian legal and judicial system. Indeed, the decision of a case with general repercussion does not only bind the parties but rather establishes a jurisprudence that must be replicated by all lower-level courts.

In February 2021, the STF finally deliberated on the Aida Curi case, establishing that “the idea of ​​a right to be forgotten is incompatible with the Constitution, thus understood as the power to prevent, due to the passage of time, the disclosure of facts or data that are true and lawfully obtained and published in analogue or digital media” and that “any excesses or abuses in the exercise of freedom of expression and information must be analyzed on a case-by-case basis, based on constitutional parameters – especially those relating to the protection of honor, image, privacy and personality in general – and the explicit and specific legal provisions existing in the criminal and civil spheres.”

In other words, what the STF has deemed as incompatible with the Federal Constitution is a specific interpretation of the Brazilian version of the RTBF. What is not compatible with the Constitution is to argue that the RTBF allows to prohibit publishing true facts, lawfully obtained. At the same time, however, the STF clearly states that it remains possible for any Court of law to evaluate, on a case-by-case basis and according to constitutional parameters and existing legal provisions, if a specific episode can allow the use of the RTBF to prohibit the divulgation of information that undermine the dignity, honour, privacy, or other fundamental interests of the individual.

Hence, while explicitly prohibiting the use of the RTBF as a general right to censorship, the STF leaves room for the use of the RTBF for delisting specific personal data in an EU-like fashion, while specifying that this must be done finding guidance in the Constitution and the Law.

What next?

Given the core differences between the Brazilian and EU conception of the RTBF, as highlighted above, it is understandable in the opinion of this author that the STF adopted a less proactive and more conservative approach. This must be especially considered in light of the very recent establishment of a data protection institutional system in Brazil.

It is understandable that the STF might have preferred to de facto delegate the interpretation of when and how the RTBF could be rightfully invoked before Courts, according to constitutional and legal parameters. First, in the Brazilian interpretation of the RTBF, this right fundamentally insist on the protection of privacy – i.e. the private sphere of an individual – and, while admitting the existence of data protection concerns, these are not the main ground on which the Brazilian RTBF conception relays.

It is understandable that in a country and a region where the social need to remember and shed light on what happened in a recent history, marked by dictatorships, well-hidden atrocities, and opacity, outweighs the legitimate individual interest to prohibit the circulation of truthful and legally obtained information. In the digital sphere, however, the RTBF quintessentially translates into an extension of informational self-determination, which the Brazilian General Data Protection Law, better known as “LGPD” (Law No. 13.709 / 2018), enshrines in its article 2 as one of the “foundations” of data protection in the country and that whose fundamental character was recently recognized by the STF itself.

In this perspective, it is useful to remind the dissenting opinion of Justice Luiz Edson Fachin, in the Aida Curi case, stressing that “although it does not expressly name it, the Constitution of the Republic, in its text, contains the pillars of the right to be forgotten, as it celebrates the dignity of the human person (article 1, III), the right to privacy (article 5, X) and the right to informational self-determination – which was recognized, for example, in the disposal of the precautionary measures of the Direct Unconstitutionality Actions No. 6,387, 6,388, 6,389, 6,390 and 6,393, under the rapporteurship of Justice Rosa Weber (article 5, XII).”

It is the opinion of this author that the Brazilian debate on the RTBF in the digital sphere would be clearer if it its dimension as a right to deindexation of search engines results were to be clearly regulated. It is understandable that the STF did not dare regulating this, given its interpretation of the RTBF and the very embryonic data protection institutional framework in Brazil. However, given the increasing datafication we are currently witnessing, it would be naïve not to expect that further RTBF claims concerning the digital environment and, specifically, the way search engines process personal data will keep emerging.

The fact that the STF has left the door open to apply the RTBF in the case-by-case analysis of individual claims may reassure the reader regarding the primacy of constitutional and legal arguments in such case-by-case analysis. It may also lead the reader to – very legitimately – wonder whether such a choice is the facto the most efficient to deal with the potentially enormous number of claims and in the most coherent way, given the margin of appreciation and interpretation that each different Court may have.  

An informed debate able to clearly highlight what are the existing options and what might be the most efficient and just ways to implement them, considering the Brazilian context, would be beneficial. This will likely be one of the goals of the upcoming Latin American edition of the Computers, Privacy and Data Protection conference (CPDP LatAm) that will take place in July, entirely online, and will aim at exploring the most pressing issues for Latin American countries regarding privacy and data protection.

Photo Credit: “Brasilia – The Supreme Court” by Christoph Diewald is licensed under CC BY-NC-ND 2.0

If you have any questions about engaging with The Future of Privacy Forum on Global Privacy and Digital Policymaking contact Dr. Gabriela Zanfir-Fortuna, Senior Counsel, at [email protected].

FPF announces appointment of Malavika Raghavan as Senior Fellow for India

The Future of Privacy Forum announces the appointment of Malavika Raghavan as Senior Fellow for India, expanding our Global Privacy team to one of the key jurisdictions for the future of privacy and data protection law. 

Malavika is a thought leader and a lawyer working on interdisciplinary research, focusing on the impacts of digitisation on the lives of lower-income individuals. Her work since 2016 has focused on the regulation and use of personal data in service delivery by the Indian State and private sector actors. She has founded and led the Future of Finance Initiative for Dvara Research (an Indian think tank) in partnership with the Gates Foundation from 2016 until 2020, anchoring its research agenda and policy advocacy on emerging issues at the intersection of technology, finance and inclusion. Research that she led at Dvara Research was cited by the India’s Data Protection Committee in its White Paper as well as its final report with proposals for India’s draft Personal Data Protection Bill, with specific reliance placed on such research on aspects of regulatory design and enforcement. See Malavika’s full bio here.

“We are delighted to welcome Malavika to our Global Privacy team. For the following year, she will be our adviser to understand the most significant developments in privacy and data protection in India, from following the debate and legislative process of the Data Protection Bill and the processing of non-personal data initiatives, to understanding the consequences of the publication of the new IT Guidelines. India is one of the most interesting jurisdictions to follow in the world, for many reasons: the innovative thinking on data protection regulation, the potentially groundbreaking regulation of non-personal data and the outstanding number of individuals whose privacy and data protection rights will be envisaged by these developments, which will test the power structures of digital regulation and safeguarding fundamental rights in this new era”, said Dr. Gabriela Zanfir-Fortuna, Global Privacy lead at FPF. 

We have asked Malavika to share her thoughts for FPF’s blog on what are the most significant developments in privacy and digital regulation in India and about India’s role in the global privacy and digital regulation debate.

FPF: What are some of the most significant developments in the past couple of years in India in terms of data protection, privacy, digital regulation?

Malavika Raghavan: “Undoubtedly, the turning point for the privacy debate India was the 2017 judgement of the Indian Supreme Court in Justice KS Puttaswamy v Union of India. The judgment affirmed the right to privacy as a constitutional guarantee, protected by Part III (Fundamental Rights) of the Indian Constitution. It was also regenerative, bringing our constitutional jurisprudence into the 21st century by re-interpreting timeless principles for the digital age, and casting privacy as a prerequisite for accessing other rights—including the right to life and liberty, to freedom of expression and to equality—given the ubiquitous digitisation of human experience we are witnessing today. 

Overnight, Puttaswamy also re-balanced conversations in favour of privacy safeguards to make these equal priorities for builders of digital systems, rather than framing these issues as obstacles to innovation and efficiency. In addition, it challenged the narrative that privacy is an elite construct that only wealthy or privileged people deserve— since many litigants in the original case that had created the Puttaswamy reference were from marginalised groups. Since then, a string of interesting developments have arisen as new cases are reassessing the impact of digital technology on individuals in India, for e.g. the boundaries case of private sector data sharing (such as between Whatsapp and Facebook), or the State’s use of personal data (as in the case concerning Aadhaar, our national identification system) among others. 

Puttaswamy also provided fillip for a big legislative development, which is the creation of an omnibus data protection law in India. A bill to create this framework was proposed by a Committee of Experts under the chairmanship of Justice Srikrishna (an ex-Supreme Court judge), which has been making its way through ministerial and Parliamentary processes. There’s a large possibility that this law will be passed by the Indian parliament in 2021! Definitely a big development to watch.

FPF: How do you see India’s role in the global privacy and digital regulation debate?

Malavika Raghavan: “India’s strategy on privacy and digital regulation will undoubtedly have global impact, given that India is home to 1/7th of the world’s population! The mobile internet revolution has created a huge impact on our society with millions getting access to digital services in the last couple of decades. This has created nuanced mental models and social norms around digital technologies that are slowly being documented through research and analysis. 

The challenge for policy makers is to create regulations that match these expectations and the realities of Indian users to achieve reasonable, fair regulations. As we have already seen from sectoral regulations (such as those from our Central Bank around cross border payments data flows) such regulations also have huge consequences for global firms interacting with Indian users and their personal data.  

In this context, I think India can have the late-mover advantage in some ways when it comes to digital regulation. If we play our cards right, we can take the best lessons from the experience of other countries in the last few decades and eschew the missteps. More pragmatically, it seems inevitable that India’s approach to privacy and digital regulation will also be strongly influenced by the Government’s economic, geopolitical and national security agenda (both internationally and domestically). 

One thing is for certain: there is no path-dependence. Our legislators and courts are thinking in unique and unexpected ways that are indeed likely to result in a fourth way (as described by the Srikrishna Data Protection Committee’s final report), compared to the approach in the US, EU and China.”

If you have any questions about engaging with The Future of Privacy Forum on Global Privacy and Digital Policymaking contact Dr. Gabriela Zanfir-Fortuna, Senior Counsel, at [email protected].

India: Massive overhaul of digital regulation, with strict rules for take-down of illegal content and Automated scanning of online content

On February 25, the Indian Government notified and published Information Technology (Guidelines for Intermediaries and Digital media Ethics Code) Rules 2021. These rules mirror the Digital Services Act (DSA) proposal of the EU to some extent, since they propose a tiered approach based on the scale of the platform, they touch on intermediary liability, content moderation, take-down of illegal content from online platforms, as well as internal accountability and oversight mechanisms, but they go beyond such rules by adding a Code of Ethics for digital media, similar to the Code of Ethics classic journalistic outlets must follow, and by proposing an “online content” labelling scheme for content that is safe for children.

The Code of Ethics applies to online news publishers, as well as intermediaries that “enable the transmission of news and current affairs”. This part of the Guidelines (the Code of Ethics) has already been challenged in the Delhi High Court by news publishers this week. 

The Guidelines have raised several types of concerns in India, from their impact on freedom of expression, impact on the right to privacy through the automated scanning of content and the imposed traceability of even end-to-end encrypted messages so that the originator can be identified, to the choice of the Government to use executive action for such profound changes. The Government, through the two Ministries involved in the process, is scheduled to testify in the Standing Committee of Information Technology of the Parliament on March 15.

New obligations for intermediaries

“Intermediaries” include “websites, apps and portals of social media networks, media sharing websites, blogs, online discussion forums, and other such functionally similar intermediaries” (as defined in rule 2(1)(m)).

Here are some of the most important rules laid out in Part II of the Guidelines, dedicated to Due Diligence by Intermediaries:

• All intermediaries, regardless of size or nature, will be under an obligation to “remove or disable access” as early as possible and no later than 36 hours of content subject to a Court order or an order of a Government agency (see rule 4(1)(d)).
• All intermediaries will be under an obligation to inform users at least once per year about their content policies, which must at a minimum include rules such as not uploading, storing or sharing information that “belongs to another person and to which the user does not have any right”, “deceives or misleads the addressee about the origin of the message”, “is patently false and untrue” or “is harmful to minors” (see rules 4(1)(b) and (f)). 
• All intermediaries will have to provide information to authorities for the purpose of identity verification and for investigating and prosecuting offenses, within 72 hours of receiving an order from an authorised government agency (see rule 4(1)(j)).
• All intermediaries will have to take all measures to remove or limit access within 24 hours of receiving a complaint from a user, to any content that reveals nudity, amounts to sexual harassment, or represents a deep fake, and the content is transmitted with the intent to harass, intimidate, threaten or abuse an individual (see rule 4(1)(p)).

“Significant social media intermediaries” have enhanced obligations

“Significant social media intermediaries” are social media services with a number of users above a threshold which will be defined and notified by the Central Government. This concept is similar to the the DSA’s “Very Large Online Platform”, however the DSA includes clear criteria in the proposed act itself on how to identify a VLOP.

As for Significant Social Media Intermediaries” in India, they will have additional obligations (similar to how the DSA proposal in the EU scales obligations): 

• “Significant social media intermediaries” that provide messaging services will be under an obligation to identify the “first originator” of a message following a Court order or an order from a Competent Authority (see rule 5(2)). This provision raises significant concerns over end-to-end encryption and encryption backdoors.
• They will have to appoint a Chief Compliance Officer for the purposes of complying with these rules and who will be liable for failing to ensure that the intermediary observes due diligence obligations; the CCO will have to hold an Indian passport and will have to be based in India;
• They will have to appoint a Chief Grievance Officer, who also must be based in India.
• Publish compliance reports every 6 months.
• Deploy automated scanning to proactively identify all identical information to content removed following an order (under the 36 hours rule), as well as child sexual abuse and related content (see rule 5(4)).
• Set up an internal mechanism for receiving complaints.

These “Guidelines” seem to have the legal effect of a statute, and they are being adopted through executive action to replace Guidelines adopted in 2011 by the Government, under powers conferred to it in the Information Technology Act 2000. The new Guidelines would enter into force immediately after publication in the Official Gazette (no information as to when publication is scheduled). The Code of Ethics would enter into force three months after the publication in the Official Gazette. As mentioned above, there are already some challenges in Court against part of these rules.

Get smart on these issues and their impact

Check out these resources: 

• This article by Malavika Raghavan in The Indian Express, “For more online civility, we will need deeper engagement, careful legislation”, where she raises concerns of having such profound changes brought by executive action rather than a broader public engagement and legislative action.  
• This analysis by Rahul Matthan, who raises questions with regard to “identifying the first originator” rule, arguing that it is likely the Indian Supreme Court would declare such a measure unconstitutional: “Traceability is Antithetical to Liberty”.

Another jurisdiction to keep your eyes on: Australia

Also note that, while the European Union is starting its heavy and slow legislative machine, by appointing Rapporteurs in the European Parliament and having first discussions on the DSA proposal in the relevant working group of the Council, another country is set to soon adopt digital content rules: Australia. The Government is currently considering an Online Safety Bill, which was open to public consultation until mid February and which would also include a “modernised online content scheme”, creating new classes of harmful online content, as well as take-down requirements for image-based abuse, cyber abuse and harmful content online, requiring removal within 24 hours of receiving a notice from the eSafety Commissioner.

If you have any questions about engaging with The Future of Privacy Forum on Global Privacy and Digital Policymaking contact Dr. Gabriela Zanfir-Fortuna, Senior Counsel, at [email protected].

Russia: New Law Requires Express Consent for Making Personal Data Available to the Public and for Any Subsequent Dissemination

Authors: Gabriela Zanfir-Fortuna and Regina Iminova

Amendments to the Russian general data protection law (Federal Law No. 152-FZ on Personal Data) adopted at the end of 2020 enter into force today (Monday, March 1st), with some of them having the effective date postponed until July 1st. The changes are part of a legislative package that is also seeing the Criminal Code being amended to criminalize disclosure of personal data about “protected persons” (several categories of government officials). The amendments to the data protection law envision the introduction of consent based restrictions for any organization or individual that publishes personal data initially, as well as for those that collect and further disseminate personal data that has been distributed on the basis of consent in the public sphere, such as on social media, blogs or any other sources. 

The amendments:

• introduce a new category of personal data, defined as “personal data allowed by the data subject to be disseminated” (hereinafter PDD – personal data allowed for dissemination);
• include strict rules for initially making personal data available to an unlimited number of persons, but also for further processing PDD by other organizations or individuals, including for further disseminating this type of data – all of this must be done on the basis of specific, affirmative and separately collected consent from the data subject, the existence of which must be proved at any point of the use and further use;
• introduce the possibility of the Russian regulator enforcing this law (“Roskomnadzor”) to record in a centralized information system the consent obtained for dissemination of personal data to an unlimited number of persons;
• introduce an absolute right to opt out of the dissemination of personal data, “at any time”.

The potential impact of the amendments is broad. The new law prima facie affects social media services, online publishers, streaming services, bloggers, or any other entity who might be considered as making personal data available to “an indefinite number of persons.” They now have to collect and prove they have separate consent for making personal data publicly available, as well as for further publishing or disseminating PDD which has been lawfully published by other parties originally.

Importantly, the new provisions in the Personal Data Law dedicated to PDD do not include any specific exception for processing PDD for journalistic purposes. The only exception recognized is processing PDD “in the state and public interests defined by the legislation of the Russian Federation”. The Explanatory Note accompanying the amendments confirms that consent is the exclusive lawful ground that can justify dissemination and further processing of PDD and that the only exception to this rule is the one mentioned above, for state or public interests as defined by law. It is thus expected that the amendments might create a chilling effect on freedom of expression, especially when also taking into account the corresponding changes to the Criminal Code.

The new rules seem to be part of a broader effort in Russia to regulate information shared online and available to the public. In this context, it is noteworthy that other amendments to Law 149-FZ on Information, IT and Protection of Information solely impacting social media services were also passed into law in December 2020, and already entered into force on February 1^st, 2021. Social networks are now required to monitor content and “restrict access immediately” of users that post information about state secrets, justification of terrorism or calls to terrorism, pornography, promoting violence and cruelty, or obscene language, manufacturing of drugs, information on methods to commit suicide, as well as calls for mass riots. 

Below we provide a closer look at the amendments to the Personal Data Law that entered into force on March 1st, 2021. 

A new category of personal data is defined

The new law defines a category of “personal data allowed by the data subject to be disseminated” (PDD), the definition being added as paragraph 1.1 to Article 3 of the Law. This new category of personal data is defined as “personal data to which an unlimited number of persons have access to, and which is provided by the data subject by giving specific consent for the dissemination of such data, in accordance with the conditions in the Personal Data Law” (unofficial translation). 

The old law had a dedicated provision that referred to how this type of personal data could be lawfully processed, but it was vague and offered almost no details. In particular, Article 6(10) of the Personal Data Law (the provision corresponding to Article 6 GDPR on lawful grounds for processing) provided that processing of personal data is lawful when the data subject gives access to their personal data to an unlimited number of persons. The amendments abrogate this paragraph, before introducing an entirely new article containing a detailed list of conditions for processing PDD only on the basis of consent (the new Article 10.1).

Perhaps in order to avoid misunderstanding on how the new rules for processing PDD fit with the general conditions on lawful grounds for processing personal data, a new paragraph 2 is introduced in Article 10 of the law, which details conditions for processing special categories of personal data, to clarify that processing of PDD “shall be carried out in compliance with the prohibitions and conditions provided for in Article 10.1 of this Federal Law”.

Specific, express, unambiguous and separate consent is required

Under the new law, “data operators” that process PDD must obtain specific and express consent from data subjects to process personal data, which includes any use, dissemination of the data. Notably, under the Russian law, “data operators” designate both controllers and processors in the sense of the General Data Protection Regulation (GDPR), or businesses and service providers in the sense of the California Consumer Privacy Act (CCPA).

Specifically, under Article 10.1(1), the data operator must ensure that it obtains a separate consent dedicated to dissemination, other than the general consent for processing personal data or other type of consent. Importantly, “under no circumstances” may individuals’ silence or inaction be taken to indicate their consent to the processing of their personal data for dissemination, under Article 10.1(8).

In addition, the data subject must be provided with the possibility to select the categories of personal data which they permit for dissemination. Moreover, the data subject also must be provided with the possibility to establish “prohibitions on the transfer (except for granting access) of [PDD] by the operator to an unlimited number of persons, as well as prohibitions on processing or conditions of processing (except for access) of these personal data by an unlimited number of persons”, per Article 10.1(9). It seems that these prohibitions refer to specific categories of personal data provided by the data subject to the operator (out of a set of personal data, some categories may be authorized for dissemination, while others may be prohibited from dissemination).

If the data subject discloses personal data to an unlimited number of persons without providing to the operator the specific consent required by the new law, not only the original operator, but all subsequent persons or operators that processed or further disseminated the PDD have the burden of proof to “provide evidence of the legality of subsequent dissemination or other processing”, under Article 10.1(2), which seems to imply that they must prove consent was obtained for dissemination (probatio diabolica in this case). According to the Explanatory Note to the amendments, it seems that the intention was indeed to turn the burden of proof of legality of processing PDD from data subjects to the data operators, since the Note makes a specific reference to the fact that before the amendments the burden of proof rested with data subjects.

If the separate consent for dissemination of personal data is not obtained by the operator, but other conditions for lawfulness of processing are met, the personal data can be processed by the operator, but without the right to distribute or disseminate them – Article 10.1.(4). 

A Consent Management Platform for PDD, managed by the Roskomnadzor

The express consent to process PDD can be given directly to the operator or through a special “information system” (which seems to be a consent management platform) of the Roskomnadzor, according to Article 10.1(6). The provisions related to setting up this consent platform for PDD will enter into force on July 1st, 2021. The Roskomnadzor is expected to provide technical details about the functioning of this consent management platform and guidelines on how it is supposed to be used in the following months. 

Absolute right to opt-out of dissemination of PDD

Notably, the dissemination of PDD can be halted at any time, on request of the individual, regardless of whether the dissemination is lawful or not, according to Article 12.1(12). This type of request is akin to a withdrawal of consent. The provision includes some requirements for the content of such a request. For instance, it requires writing contact information and listing the personal data that should be terminated. Consent to the processing of the provided personal data is terminated once the operator receives the opt-out request – Article 10.1(13).

A request to opt-out of having personal data disseminated to the public when this is done unlawfully (without the data subject’s specific, affirmative consent) can also be made through a Court, as an alternative to submitting it directly to the data operator. In this case, the operator must terminate the transmission of or access to personal data within three business days from when such demand was received or within the timeframe set in the decision of the court which has come into effect – Article 10.1(14).

A new criminal offense: The prohibition on disclosure of personal data about protected persons

Sharing personal data or information about intelligence officers and their personal property is now a criminal offense under the new rules, which amended the Criminal Code. The law obliges any operators of personal data, including government departments and mobile operators, to ensure the confidentiality of personal information concerning protected persons, their relatives, and their property. Under the new law, “protected persons” include employees of the Investigative Committee, FSB, Federal Protective Service, National Guard, Ministry of Internal Affairs, and Ministry of Defense judges, prosecutors, investigators, law enforcement officers and their relatives. Moreover, the list of protected persons can be further detailed by the head of the relevant state body in which the specified persons work.

Previously, the law allowed for the temporary prohibition of the dissemination of personal data of protected persons only in the event of imminent danger in connection with official duties and activities. The new amendments make it possible to take protective measures in the absence of a threat of encroachment on their life, health and property.

What to watch next: New amendments to the general Personal Data Law are on their way in 2021

There are several developments to follow in this fast changing environment. First, at the end of January, the Russian President gave the government until August 1 to create a set of rules for foreign tech companies operating in Russia, including a requirement to open branch offices in the country.

Second, a bill (No. 992331-7) proposing new amendments to the overall framework of the Personal Data Law (No. 152-FZ) was introduced in July 2020 and was the subject of a Resolution that passed in the State Duma on February 16, allowing for a period for amendments to be submitted, until March 16. The bill is on the agenda for a potential vote in May. The changes would entail expanding the possibility to obtain valid consent through other unique identifiers which are currently not accepted by the law, such as unique online IDs, changes to purpose limitation, a possible certification scheme for effective methods to erase personal data and new competences for the Roskomnadzor to establish requirements for deidentification of personal data and specific methods for effective deidentification.

If you have any questions on Global Privacy and Data Protection developments, contact Gabriela Zanfir-Fortuna at [email protected]

Understanding Data Embassies and Corridors

The following is a guest post to the FPF blog authored by Yeong Zee Kin, Chief Executive of the Singapore Academy of Law and FPF Senior Fellow. The guest post reflects the opinion of the author only and does not necessarily reflect the position or views of FPF and our stakeholder communities. FPF provides this platform to foster diverse perspectives and informed discussion.

Over the past few years, geopolitical contestations have increased the rhetoric over data sovereignty. Data sovereignty views data as another dimension of the state’s sovereignty that needs to be safeguarded from exploitation against the interests of the state. One natural response is to mandate the localization of data. 

The intensification of geopolitical tensions has also changed the tone of trade discussions. Countries that were once strident advocates of free trade have, to varying degrees, introduced some form of data localization policies. One example of recent regulatory developments that limit transfers of personal data to specific countries is from the US. The White House Executive Order 14117 has now been implemented into final rules by the Department of Justice¹; and the US Congress has also passed the Protecting Americans’ Data from Foreign Adversaries Act of 2024². These laws prohibit the transfer of personal data to certain countries that are deemed to be adversaries of the US in the interest of safeguarding US national security. At the same time, the US remains a strong advocate for cross-border transfer mechanisms such as the Global Cross Border Privacy Rules (CBPR) and Privacy Recognition for Processors (PRP). 

With the increase in the number of data localization measures globally³, the concept of data embassy has been put forward as a solution by both governments and businesses. But are data embassies an appropriate solution? This paper examines the origin and varieties of data embassies, discusses the concept’s limitations to address data localization challenges, and proffers an alternative modelled after special economic zones.

Data localization 

Data localization is no longer associated only with trade protectionism but has taken on a security complexion. Data localization policies can be mapped on two dimensions — they may either prohibit the export of data, mandate local storage and processing of data, or both. It is possible to construct a two-dimensional matrix. 

The earliest implementations of data localization regulations were largely motivated by economic policies. For example, the belief that requirements for local storage and processing of data will spur investments in data centres and digital communications infrastructure; or the creation of data analytics and processing jobs that allow the domestic workforce to upskill and help develop its digital economy. However, research shows that data localization may have the countervailing effect of increasing data management costs by 15 – 55%⁴, thereby subtracting from the perceived industry development benefits by decreasing trade output, increasing costs for downstream industries, and decreasing productivity⁵.

Another reason that has been given for requiring local storage of data is to enable (easier) access by law enforcement and judicial authorities. In more recent years, security concerns have also given rise to localization policies that prohibit the export of data that can be potentially exploited to effect socio-economic harm or enable attacks on critical information infrastructure or foundational digital infrastructure. 

Efforts to preserve the free flow of data may be found in trade agreements, particularly digital trade agreements, and global norm-setting initiatives such as the G7’s efforts to ensure data free flow with trust. In gist, these policies seek to reduce hurdles to cross-border data transfers as indirect trade barriers by prohibiting signatories from imposing requirements of local processing or storage of data as a condition of doing business. Within these frameworks, restrictions to data transfers may only be imposed if they are necessary for achieving legitimate public policy objectives and even then, their scope must be proportionate to the identified harm.

Data embassy as a potential solution to data localization

Private international law supports the choice of law that governs private rights between commercial entities, the form of dispute resolution (e.g. litigation or arbitration), and choice of forum (and hence, the governing procedural rules). However, data localization requirements are in the realm of public law that cannot be contracted out of. The data embassy was initially developed as a government-to-government (G2G) arrangement. It has since seized the attention of businesses as a solution to circumvent data localization requirements. The primary motivation is to extend domestic laws and standards of protection to data that has been exported. What if data that has been exported is somehow still subject to the laws of the jurisdiction they originated from? If domestic laws and standards of protection follow the exported data, these overseas repositories of data will be like embassies in foreign countries that, despite their location overseas, are still treated as part of the home jurisdiction. 

This is attractive to businesses for a number of reasons. In one scenario, data centres or data processors hoping to win contracts may wish to assure their overseas customers that their data will be managed according to their laws. This typically plays out in scenarios where the data centre or processor is located in a lower cost jurisdiction that is perceived to have lower standards of data protection. From the perspective of the host state (i.e., where the data centre is built), data embassies have industry development potential by attracting foreign direct investments for the development of communications and digital infrastructure. In another scenario, corporations in a country with data localization requirements seeking to conduct business overseas may proffer the data embassy as a way of assuring domestic regulators that exported data will remain subject to their regulatory requirements and within their reach, while concomitantly inaccessible by the government of the host state. From the exporting state’s perspective, this solution could work if it is assured of cooperation from the host state when access is required; while from the host state’s perspective, it must be prepared to permit intrusion into its sovereignty. 

The origins of the concept and limitations of data embassies⁶

The concept of “data embassy”, while intellectually appealing, is based on a flawed understanding of how embassies function. A misapprehension that belies the issues associated with data embassies as a solution to data localization policies. Contrary to common misconception, embassies are not pockets of foreign sovereignty. While the sending state may own the land upon which the embassy stands, it is nevertheless subject to the laws of the receiving state. 

By international law and custom documented in the Vienna Convention on Diplomatic Relations (1961), the receiving state extends certain privileges to the embassy. First, diplomatic premises are inviolable in that the receiving state will refrain from exercising powers of search unless there is consent. Concomitantly, the receiving state has positive duties to protect the mission⁷. Second, the receiving state likewise refrains from exercising criminal jurisdiction or powers of arrest and detention over diplomatic agents⁸. Third, official communications from the mission are also protected⁹. Subject to these privileges, the law of the land applies. The mission is liable for injuries and harms that befall guests; and administrative, technical and service staff of the mission may not undertake unlawful activities within the embassy with impunity. Diplomatic agents who commit crimes will face prosecution in their home country even while they are not subject to criminal jurisdiction in the receiving country. 

Hence, the assumption that data stored in a data embassy is governed by the laws of the sending state (i.e., the state where the data originates) is deeply flawed. If we are to faithfully apply what we may legitimately glean from the way real-world embassies operate to data hosted in a data embassy, we may only arrive at the position that the receiving state (i.e., the state where the data has been exported to) accepts that it cannot access the data, must protect data-at-rest and ensure the security of data-in-transit. The quid pro quo is that the sending state must investigate data incidents and take appropriate enforcement action – not something that can be easily accomplished remotely. To be clear, these are public law obligations and not obligations that can be negotiated in the realm of private law.

Presently, there are two primary data embassy models: the security model and the developmental model. While they share a common name, they are very different creatures. 

Data embassy as a concept started with the Estonian implementation of the security model, which is perhaps the closest implementation to a real-world embassy. As a neighbor to a much larger and aggressive country, Estonia had its fair share of experiences with cyberattacks that have been linked to state-sponsored groups. After a particularly invidious incident¹⁰, it struck an arrangement with Luxembourg to host a copy of its public sector data in the latter. As part of the arrangement, Luxembourg undertook to preserve the inviolability of this data center from searches and entry, its protection from intrusion and the confidentiality of communications¹¹. In addition to Estonia, Luxembourg has also entered into a similar arrangement with Monaco¹². These are, in essence, G2G arrangements for off-site backup of government data. They are not particularly helpful for solving the commercial and regulatory compliance concerns of businesses.

The developmental model of data embassies attempts to extend the data embassy concept to attract foreign direct investments. Bahrain’s implementation exemplifies this model. It aims to attract investments in cloud infrastructure and support the development of cloud services. Bahrain passed Decree 56 of 2018 that allows the disapplication of domestic law to content hosted in designated data centers while concomitantly designating the foreign law, competent courts and public authorities that will have exclusive jurisdiction instead¹³. Such a designated data center (i.e., the data embassy) is designed to allow cloud service providers operating there to choose the law that will be applied to customer data stored on their cloud platforms. However, there are a number of challenges with this approach. 

While private international law allows contracting parties freedom of choice over governing law, dispute resolution mechanism and forum, data incidents have both private and public law consequences. Thus, the aftermath of a cybersecurity incident or data breach follows two tracks. First, breaches of contractual data protection and cybersecurity obligations between data center and customer can be enforced through private law. Second, the cybersecurity incident or data breach will also be investigated and enforced by the relevant data protection authority, and cybersecurity and law enforcement agencies of the jurisdiction where this incident occurred. 

It is troubling to conceive of a situation where the receiving state has disapplied its public laws and declines to investigate and take enforcement action. While at the same time, the foreign state whose cybersecurity and data protection laws were chosen to apply does not enforce them because it is ignorant of this choice, has not agreed to take on this role, or cannot practically do so. Offshore enforcement requires the foreign state to extend its investigatory and enforcement powers into the receiving state, which raises additional issues of sovereignty. It also requires the relevant data protection authorities, and cybersecurity and law enforcement agencies of the foreign state to have the capability of conducting investigations and collecting evidence remotely since the data repository is situated in another country. 

This data embassy design also fails to solve data localization issues. The localization requirements operate on the customers of the data center in the country where they are situated. Until and unless the state exempts these customers from localization requirements, they are not able to circumvent such requirements by selecting an overseas data centre that allows them to select their choice of law, even if they choose their own laws, both private and public. Unilateral action by the destination state for exported data does not provide a complete solution.

In an April 2025 public consultation, Saudi Arabia put forward another variation of the developmental model for data embassies under its draft Global AI Hub Law that seeks to support the Kingdom’s ambitions to develop into a global AI hub¹⁴. The building block appears to be a security-styled data embassy for public sector data (referred to as a private hub in the draft law). This may be extended to allow a foreign third-party operator to offer its services to other commercial customers (referred to as an extended hub in the draft law). The third variation allows service providers based in Saudi Arabia to offer hosting services to commercial customers in foreign states under the laws of those foreign states (referred to as a virtual hub in the draft law). G2G agreements are contemplated for both private and extended hubs. It appears that service providers are also required to enter into agreements with the competent authority (for extended hubs) or obtain ex ante ministerial approval (for virtual hubs). It remains to be seen whether the regulatory lacuna that had been discussed in relation to the Bahraini implementation are addressed when the Global AI Hub Law is finalized.

Corridors of trust to facilitate bidirectional data flows¹⁵

If data embassies are intended to provide a solution to data localization requirements, the solution must be bidirectional. It must be emphasized that private international law already permits data centers and customers to select their choice of law and jurisdiction to govern their contractual relationship. But data localization requirements are a matter of public law. Hence, a public law solution is required. The public law solution can take a leaf from arrangements that exist for special economic zones. 

For expediency, let us discard analogies with embassies. This public law solution must recognize that bidirectional data flow is a key design consideration and business requirement. (If all that is required is a secondary site for storing data with occasional repatriation, then perhaps the security model for data embassies is well-suited.) For data centers and their customers, data not only needs to flow between them inter se; data also needs to be transmitted to the end customers of the data center’s customers. For example, an e-commerce marketplace hosts its platform with a cloud service provider, but data also must flow from the marketplace to its end users. 

The public law solution needs to check a number of boxes. First, it needs to support a choice of law. Next, it needs to enable access by data protection authorities, cybersecurity and law enforcement agencies to support investigations and enforcement. Additionally, it should also clarify the rights of access by data subjects and data owners. The solution should be capable of functioning as a free-standing data transfer mechanism that can be deployed to support cross-border trade, such as between special economic zones. In such cases, it lowers compliance costs and promotes trade. Additionally, it can also support limited exemptions to data localization requirements in one or both of the participating states. In this case, it also supports trade by removing non-tariff barriers in the form of data localization requirements.

The first point to be clear about is that although the solution is a public law one, it can operate hand-in-glove with private law solutions. The participating states – figuratively, the two terminal points of this data corridor – must first calibrate their applicable laws and regulations. For example, the corridor can operate between two special economic zones. A feature of the special economic zones is that some laws, particularly those relating to customs and tariffs, are specially designed to promote trade. In like manner, the relevant laws for calibration to facilitate bidirectional data flows in a data corridor are likely to be cybersecurity and data protection laws (including any data localization requirements). One way of achieving this is to reference a neutral international data protection standard for both participating states to calibrate their data protection laws to conform with this standard. This is preferable to bilateral mapping as referencing an independent standard makes it easier to scale, such as when other states seek to join this corridor. It also avoids any uncomfortable qualitative assessments when differences are identified when two laws are compared directly.

If special rules are required after benchmarking against that international standard, they may be especially enacted and limited in application to the participating special economic zones. For example, special rules to recognize industry certifications for data protection or cybersecurity (e.g., ISO 27000 series) or cross-border transfers (e.g., Global CBPR and/or PRP) as meeting the requisite regulatory standards and requirements. In this context, special rules that soften data localization requirements may also be possible (e.g., permitting data export if the designated technical standards are met). Once this is achieved, the data center and its customers may then choose which of the participating state’s laws to apply.

Take the Johore-Singapore special economic zone as an example. Both Malaysia and Singapore are part of ASEAN. ASEAN member states have adopted a set of data protection principles – the ASEAN data protection framework – that can serve as the neutral mapping standard. In addition to the principles, ASEAN has also adopted a digital data governance framework and an AI governance framework. These provide a rich source of standards and practices that support implementation. For cybersecurity standards, there are ample technical industry standards that can be referenced. For cross-border transfers, ASEAN has also endorsed the Global CBPR and PRP certification standard.

The choice of law will govern both the private and public dimensions of the commercial relationship between a data center and a customer. In the event of a private dispute, private international law principles will be applied to respect the choice of law and jurisdiction in the resolution of the dispute by the court of the chosen jurisdiction. Should there be a cybersecurity incident or data breach, there needs to be an effective enforcement cooperation agreement between the two participating states. An enforcement cooperation agreement will deal with issues such as a protocol for mutual assistance in acquiring evidence and witness statements. Truth be told, the choice of law is limited to the participating states.

Picking a law of a different state will not work for the public law dimension of this solution for obvious reasons. (To be clear, the data centre’s customers and their end users are not thus restricted.) 

Access to data by regulatory, law enforcement and judicial authorities is another area of concern. There are multiple stakeholders with different interests. The state wants access when it needs to, in order to enforce its laws effectively. Data subjects and data owners want the assurance that access by the government is lawful and subject to independent oversight. Data center operators and cloud service providers want clarity of their roles and responsibilities so that they are not laden with unreasonable or numerous requests. In this space, there are also international and industry standards that can provide an independent and neutral standard that participating states in the data corridor may use as a mapping standard¹⁶. The OECD declaration on government access to data is an example of an international standard, whilst the Trusted Cloud Principles by the Trusted Cloud Initiative is an example of an industry standard¹⁷.

Conclusion

As data emerges as a pivotal factor of production in the 4th industrial revolution—mirroring the regulatory trajectories once charted for land, labor, and capital—it is inevitable that regulatory frameworks around data will intensify. This paper has explored how increasing data localization requirements, fuelled by shifting geopolitical landscapes and heightened security concerns, present significant challenges to the seamless flow of information essential for the digital economy. In response, policy innovations such as data embassies and data corridors offer promising, albeit nascent, pathways to reconcile the imperatives of cross-border data transfers with legitimate governmental interests. These concepts demand rigorous debate, targeted pilot initiatives, and continual refinement to ensure they effectively address both commercial needs and regulatory oversight. Ultimately, striking a careful balance between enabling global data flows and safeguarding national interests will be crucial to harnessing the full potential of the digital economy in this new era.

Yeong Zee Kin¹⁸

1. 28 C.F.R. Part 202. ↩︎
2. 15 U.S. Code Chapter 123. ↩︎
3. The nature, evolution and potential implications of data localisation measures (10 November 2023) OECD, pp 12 – 15. ↩︎
4. The nature, evolution and potential implications of data localisation measures (10 November 2023) OECD, p 3. ↩︎
5. Nigel Cory & Luke Dascoli, “How Barriers to Cross-Border Data Flows Are Spreading Globally, What They Cost, and How to Address Them” (19 July 2021) Information Technology & Innovation Foundation, available at https://itif.org/publications/2021/07/19/how-barriers-cross-border-data-flows-are-spreading-globally-what-they-cost. ↩︎
6. For further reading, see Data Embassies Issues Paper (January 2024) and Data Embassies: Purposes, Features and Limitations (February 2024), Asian Business Law Institute, available at https://abli.asia/abli-publications/abli-data-embassy-issues-paper/ and https://abli.asia/abli-publications/data-embassies-purposes-features-limitations. ↩︎
7. Vienna Convention on Diplomatic Relations (1961), Art 22. ↩︎
8. Vienna Convention on Diplomatic Relations (1961), Arts 29 & 31. ↩︎
9. Vienna Convention on Diplomatic Relations (1961), Art 27.
   ↩︎
10. Emma Savouroux, “A World First: Estonia Opens a ‘Data Embassy’ in Luxembourg” (25 July 2025), available at https://www.blue-europe.eu/analysis-en/short-analysis/a-world-first-estonia-opens-a-data-embassy-in-luxembourg/. ↩︎
11. Agreement between the Republic of Estonia and the Grand Duchy of Luxembourg on the hosting of data and information systems, available at https://www.riigiteataja.ee/aktilisa/2280/3201/8002/Lux_Info_Agreement.pdf.
    ↩︎
12. E-embassies in Luxembourg available at https://luxembourg.public.lu/en/invest/innovation/e-embassies-in-luxembourg.html. ↩︎
13. Legislative Decree No. 56 of 2018 in respect of Providing Cloud Computing Services to Foreign Parties, available at https://www.lloc.gov.bh/FullEn/L5618.docx.
    ↩︎
14. Brian Meenagh, Ksenia Koroleva, and Faisal Imam, Saudi Arabia Pioneers Data Embassies With Publication of Draft Global AI Hub Law, Global Privacy & Security Compliance Blog (18 April 2025), available at https://www.globalprivacyblog.com/2025/04/saudi-arabia-pioneers-data-embassies-with-publication-of-draft-global-ai-hub-law/. 
    ↩︎
15. For a specific design of such a corridor of trust, see https://abli.asia/abli-publications/principles-of-asean-framework-on-crossb-border-cloud-computing/; see also, “ASEAN endorses Malaysia-led Regional Framework on Cross-Border Cloud Computing” (26 February 2026) MDEC https://www.mdec.my/media-release/news-press-release/415/asean-endorses-malaysia-led-regional-framework-on-cross%02border-cloud-computing.
    ↩︎
16. Declaration on Government Access to Personal Data held by Private Sector Entities (14 December 2022) OECD/Legal/0487.
    ↩︎
17.  https://trustedcloudprinciples.com/.
    ↩︎
18. I wish to thank Ms. Catherine Shen for her assistance in reviewing an earlier draft of this paper. ↩︎

Perseverance Pays Off for Vermont Privacy Efforts

Vermont has become the 23rd U.S. state to enact a comprehensive consumer privacy law after Governor Scott signed S.71, the Vermont Data Privacy and Online Surveillance Act (VDPOSA), on June 16. This new law is amongst the broadest in the country, closely resembling the 2025 version of the Connecticut Data Privacy Act (CTDPA). For example, the VDPOSA includes low applicability thresholds, a broad definition of sensitive data, heightened protections for consumer health data, consumer rights to know third parties to whom your personal data is sold and to contest certain profiling decisions, and impact assessments for certain uses of profiling. The law will take effect on January 1, 2028 and be enforced exclusively by the attorney general.

In addition to enacting the VDPOSA, Vermont also passed bills updating the state’s data broker registry (H.211), establishing a direct-to-consumer genetic testing law (H.639), and recognizing a right to neural privacy (H.814). This blog post provides background on Vermont’s privacy legislative efforts in recent years, then covers the law’s scope and key definitions, consumer rights, business obligations, and enforcement provisions. The blog post concludes with a brief overview of other privacy legislation enacted in Vermont this year.

Background

Privacy has been a long time coming in the Green Mountain State. Two years ago, Governor Scott became the first governor to veto a comprehensive consumer privacy bill. That bill, H.121, was an omnibus privacy bill with comprehensive protections and an age-appropriate design code. Had that bill been enacted, the comprehensive privacy provisions would have been amongst some of the broadest and most stringent in the country. In particular, the bill included Maryland-style substantive data minimization requirements, a ban on selling sensitive data, and a limited private right of action (PRA). The legislature tried, but failed, to overturn the veto. 

The legislature continued working on privacy issues in the intervening years. Last year, they enacted the Vermont Age-Appropriate Design Code Act. This year, they finally reached consensus on a comprehensive consumer privacy law as well as an update to the state’s data broker registry, regulation of direct-to-consumer genetic testing companies, and a “right” to “mental and neural data privacy.” Although the law enacted this year diverges from the 2024 effort in notable ways, this law nevertheless incorporates many elements from the broadest and most privacy protective iterations of the Washington Privacy Act framework in the country. 

Scope and Key Definitions

Covered Entities: The law applies to persons who conduct business in Vermont or produce a product or service targeted to Vermont residents and, excluding payment transaction data, annually either (1) control or process the personal data of at least 35,000 consumers, (2) control or process the sensitive data of at least 3,000 consumers, or (3) offer for sale the personal data of at least 3,000 consumers. These thresholds are low compared to those in other states, and it is uncommon to include a threshold tied to processing sensitive data. Like Connecticut’s and Maryland’s laws, the VDPOSA has requirements for consumer health data and consumer health data controllers that are not subject to the same applicability thresholds, instead applying broadly to “a person that conducts business in [Vermont] or a person that produces products or services that are targeted to residents of [Vermont.” This law also addresses any potential conflicts with the Vermont Age-Appropriate Design Code Act (AADCA), providing that the most protective law should control in any situation where that law conflicts with the requirements of this law. (Section 1, § 2415b.)

Definitions: The law’s definitions are generally consistent with the Connecticut model, including aspects of Connecticut’s 2023, 2025, and 2026 amendments. Two definitions worth noting: 

• “Publicly available information” is defined narrowly, excluding information collated and combined to create a consumer profile that is made available via a publicly available website and inferences generated from such profiles. For the consumer rights to access, correction, and portability (see below), publicly available information does not include “information made available for sale,” meaning such data is subject to those rights. This narrow definition of publicly available information—which conversely expands the scope of personal data—is similar to Connecticut’s updated definition from this year’s CTDPA amendments. 
• “Sensitive data” is defined broadly, including less common categories such as data revealing status as nonbinary or transgender, consumer health data, neural data, information derived from genetic or biometric data, certain financial account numbers or login information, or government-issued identification numbers. (Section 1, § 2415a.)

Entity and Data-Level Exemptions: The law includes many of the common entity-level exemptions, including for: certain government entities acting “in the ordinary course of its operation”; a covered entity or business associate under HIPAA (although a “hybrid entity” is not fully subject to the exemption); state or federally chartered banks or credit unions or affiliates or subsidiaries principally engaged in financial activities; certain health care providers and health care facilities under Vermont law; nonprofits established to detect and prevent insurance fraud; and more. Continuing a trend in recent years, the VDPOSA opts for more targeted entity-level exemptions for specific types of financial entities and nonprofits rather than broader exemptions for all GLBA-regulated entities and all nonprofits. 

The law also includes many of the common data-level exemptions, including for: certain health records, patient identifying information, and research data; activities using information for the purpose of evaluating creditworthiness, credit standing, credit capacity, character, general reputation, personal characteristics, or mode of living if “done strictly in accordance with” the FCRA by a consumer reporting agency, furnisher, or person using a consumer report; information collected, processed, or disclosed in accordance with the DPPA or FERPA; data subject to GLBA; protected health information under HIPAA; personal data of a victim or witness of certain crimes (e.g., child abuse, human trafficking) maintained by a victim services organization; and more. (Section 1, § 2415c.)

Exceptions for Common Business Activities: The law includes many exceptions which are consistent with existing state comprehensive privacy laws, including: compliance with federal, state, or municipal laws or regulations; compliance with investigations, subpoenas, or summons; compliance with law enforcement agencies; preventing or detecting security incidents, fraud, or illegal activity; engaging in public or peer-reviewed scientific or statistical research in the public interest that meets required safeguards; internal use of data for product improvement or for internal operations reasonably aligned with the expectations of the consumer; and more. (Section 1, § 2415i.)

Consumer Rights

Consumers have the standard rights to confirm whether a controller is processing their personal data and access that data, correct inaccuracies in their personal data, delete their personal data, obtain a copy of their personal data in a portable format (if technically feasible), and to opt-out of the processing of their personal data for targeted advertising, the sale of personal data, or profiling in furtherance of a decision that produces a legal or similarly significant effect concerning the consumer. These rights contain a few unique or uncommon provisions:

• The right to access extends to inferences about the consumer derived from personal data and the right to know whether a controller or processor is processing the consumer’s personal data for profiling to make a decision that produces legal or similarly significant effects; 
• Consistent with states like Minnesota and Montana, a controller is prohibited from disclosing certain categories of personal data in response to a consumer access request. These include social security numbers, government-issued ID numbers, financial account numbers, health or medical identification numbers, account passwords, security questions or answers thereto, or biometric data. If a controller has collected any of these categories of personal data, it must inform the consumer “with sufficient particularity” that it has done so. 
• If a consumer’s personal data was processed for profiling in furtherance of an automated decision that produced any legal or similarly significant effect, the consumer has the right to, “if feasible,”  question the profiling result, be informed of the reason the profiling resulted in the decision, and review the personal data processed for the profiling. If the decision concerned housing, the consumer can also correct any inaccurate personal data that was processed and have the decision reevaluated based on the corrected data. This right to contest adverse profiling decisions matches that in Connecticut’s law, which was added last year and modeled on Minnesota’s broader right. 
• Consumers have an additional right to obtain a list of the third parties to whom their personal data was sold, or, if the controller does not maintain such a consumer-specific list, then a list of all third parties to whom personal data is sold. 

This law allows consumers to designate an authorized agent to opt out of processing on the consumer’s behalf (including for profiling) and to use an opt-out preference signal to opt out of the sale of personal data or targeted advertising. (Section 1, § 2415d.) 

Business Obligations

Controllers and processors have enumerated responsibilities under the law, including transparency, data minimization, data security, oversight of processors, antidiscrimination, heightened protections for minors, and conducting both data protection assessments and impact assessments. 

Transparency: Controllers must provide consumers with a “reasonably accessible, clear, and meaningful” privacy notice that includes required information under the law, such as categories of data processed, processing purposes, how to exercise rights and appeal decisions, the categories of personal data sold to third parties, and the categories of third parties to whom personal data is sold. (Section 1, § 2415e(c).)

Data Minimization: The law includes procedural data minimization requirements. A controller must: 

• limit the collection of personal data to what is “reasonably necessary and proportionate” in relation to the purposes for which the data are processed, as disclosed to the consumer; 
• obtain consent to process personal data for any “material new” purpose that is “neither reasonably necessary to, nor compatible with,” the disclosed purposes for which the personal data is processed; and 
• not process a consumer’s sensitive data without the consumer’s consent and “unless the processing is reasonably necessary in relation to the purposes for which the sensitive data are collected.” 

Although these provisions are not “substantive data minimization” requirements in the same way that Maryland’s or California’s are, they are slightly unusual. In particular, the “necessary and proportionate” language is a departure from the usual “adequate, relevant, and reasonably necessary” language used in most state laws based on the WPA framework. Only Connecticut uses this same language, and those requirements were added in last year’s CTDPA amendments. Nevertheless, this is still a procedural requirement that ties data collection to the purposes disclosed to the consumer. Also similar to Connecticut, this law explicitly states that a controller cannot sell a consumer’s sensitive data without consent. (Section 1, § 2415e(a).)

Data Security: Controllers are required to “establish, implement, and maintain reasonable administrative, technical, and physical data security practices to protect the confidentiality, integrity, and accessibility of personal data.” (Section 1, § 2415e(a)(2).)

Processors: Controllers must engage in oversight of processors by entering into a contract that meets statutory criteria (e.g., providing instructions for processing data, describing the nature and purpose of the processing, imposing confidentiality). (Section 1, § 2415f.)

Antidiscrimination: Controllers are prohibited from processing personal data in violation of a federal or state law that prohibits unlawful discrimination against consumers. Similar to Connecticut’s 2025 amendment, this law further provides that, for state laws only, any evidence (or lack thereof) of proactive anti-bias testing or similar efforts to avoid processing data in violation of any anti-discrimination law will be relevant to any claim for a violation of such a state law. The law also includes a narrow exception for internal data use in profiling to correct bias. (Section 1, § 2415e(a)(5).)

Consumer Health Protections: Similar to Connecticut’s and Maryland’s law, this law includes heightened protections for consumer health data, such as confidentiality requirements for employee access to consumer health data, a prohibition on geofencing health care facilities for certain purposes (within 1,850 feet), and a prohibition on selling consumer health data without the consumer’s consent. Consumer health data is defined broadly as “any personal data that a controller uses to identify a consumer’s physical or mental health condition, diagnosis, or status,” and it includes reproductive or sexual health data and gender-affirming health data. These protections apply more broadly than the rest of the law to “persons,” notwithstanding the law’s other applicability thresholds. (Section 1, § 2415k.)

Assessments: Like most comprehensive privacy laws, this law requires controllers to conduct and document a data protection assessment for certain processing activities that present a heightened risk of harm to consumers, including: processing personal data for targeted advertising; selling personal data; processing personal data for profiling that presents a reasonably foreseeable risk of substantial injury to consumers, or processing sensitive data. Once again taking inspiration from Connecticut’s 2025 amendment, this law will additionally require a controller to conduct an impact assessment for any profiling conducted for making a decision that produces legal or similarly significant effect. These impact assessments must include information such as: the purpose, intended use, and deployment context of the profiling; analysis on whether the profiling presents a reasonably foreseeable risk of harm; descriptions of inputs and outputs; post-deployment monitoring and user safeguards; and more. The Vermont Attorney General (AG) may request a completed data protection or impact assessment as part of an investigation. (Section 1, § 2415g.)

Enforcement

The VDPOSA will be enforced exclusively by the attorney general. The law includes a permissive cure period of 60 days, allowing the attorney general to issue a cure notice to an alleged violator if the attorney general “determines that a cure is possible.” This cure period will expire on June 30, 2029. Although this law does not include a private right of action (PRA), the legislature added a statement of intent declaring that the attorney general will bear the burden of enforcing the law and, if sufficient appropriations and resources are not provided, the legislature will consider adding a PRA. (Section 1, § 2415j; Section 2; Section 3.)

Updates to Data Broker Registry Headline Other Privacy Efforts

The VDPOSA may be the most notable privacy bill enacted in Vermont this year, but it is not the only one. Vermont also updated the state’s data broker registry (H.211), enacted a direct-to-consumer genetic testing law (H.639), and established a right to neural privacy (H.814).  

Data Brokers: Vermont is one of several states to create a data broker registry, alongside California, Connecticut (enacted this year), Oregon, and Texas. Effective January 1, 2027, H.211 significantly amends Vermont’s law. Key changes include—

• Re-defining “brokered personal information” (“BPI”) as “any information, including derived data and unique identifiers, that is linked or reasonably linkable, alone or in combination with other information, to an identified or identifiable individual or to a device that identifies, is linked to, or is reasonably linkable to one or more identified or identifiable individuals in a household.” The prior definition was narrower and limited to an enumerated list of identifiers, plus a catch-all. This definition, in contrast, is modeled on the broader definitions of “personal data” under many state comprehensive privacy laws. Additionally, the “publicly available information” exception to the definition of BPI has been broadened. The previous definition only excluded publicly available information “to the extent that it is related to a consumer’s business or profession.” That qualifier has been removed.
• Re-defining “data broker” by changing the “direct relationship” requirement. The core definition remains unchanged: a data broker is “a business . . . that knowingly collects and sells or licenses to third parties the [BPI] of a consumer with whom the business does not have a direct relationship.” Previously, the law provided examples of direct relationships, such as a “past or present . . . customer, client, subscriber, user, or registered user of the business’s goods or services.” The newly revised definition is instead modeled on California’s Delete Act regulations: a consumer must have “intentionally interacted with a business for the purpose of accessing, purchasing, using, requesting, or obtaining information about the business’s products or services,” and “[a] business is still a data broker and does not have a direct relationship with a consumer as to the [BPI] the business sells about the consumer that it collected outside of a first-party interaction with the consumer.” The revised definition also removed some of the law’s exceptions to data brokerage, such as “developing or maintaining third-party e-commerce or application platforms.”
• Adding a definition of “sale” that is consistent with the common definition under state comprehensive privacy laws: the exchange of BPI for monetary or other valuable consideration, subject to exceptions. 
• Imposing due diligence or ‘know your customers’–style requirements prior to disclosing BPI, such as: requiring “prospective users” of BPI to identify themselves, state their purposes for seeking the information, and certifying that the information will not be used for other purposes; and, prior to disclosing such information, verifying the prospective user’s identity, reviewing the stated purposes for using the information, and not disclosing the information where there are “reasonable grounds for believing that the information will be used to violate State or federal law or will not be used for the purposes stated by the user.” 
• Adding new security breach notice requirements specific to data brokers.
• Accelerating when a data broker must register, closing the timeframe to 30 days after a data broker first meets the relevant definition and then annually by July 1 of each year. 
• Increasing the registry fee and imposing a $20,000 bond. 
• Expanding the mandatory disclosures during registration. New information that a data broker must disclose includes whether the data broker: collects certain categories of personal information (e.g., precise geolocation data, immigration status); has sold or shared the consumers’ data, in the past year, with certain entities (e.g., foreign actors, state or federal government, “developer of a GenAI system or model”); “the URL of a page on the data broker’s website” that includes relevant information on consumer rights; and more. Notably, while this disclosure requirement references consumer rights to deletion, opting-out of the collection of BPI, and authorized agents’ ability to exercise an opt-out on the consumer’s behalf, the revised data broker law itself does not require that data brokers offer these rights. The newly enacted VDPOSA, however, will require data brokers to offer consumer rights if they are within the scope of that law. 
• Improving consumer access to the data broker registry in the form of a downloadable spreadsheet of registered data brokers.

Although earlier versions of H.211 would have added a California Delete Act–style accessible deletion mechanism, the final bill merely directs the Vermont Secretary of State to study the feasibility of establishing an accessible deletion mechanism. 

Genetic Testing: Vermont has become the third state this year—after South Dakota and Connecticut—to enact a law regulating direct-to-consumer genetic testing. The Vermont Genetic Information Privacy Act will go into effect on July 1, 2026. This law imposes notice and consent requirements for the collection and use of biological samples and genetic data, gives consumers rights of deletion and access, and prohibits certain disclosures or uses of genetic data. Violations of the law will constitute unfair and deceptive acts in commerce under 9 V.S.A. § 2453. This includes a private right of action, although consumers will have to provide written notice of an alleged violation to a direct-to-consumer genetic testing company or service provider prior to initiating a civil action and allow 30 days to cure the notice. The cure requirement will expire on June 30, 2028. The Attorney General has enforcement and rulemaking authority. 

Mental and Neural Privacy: Although the primary focus of H.814 is extending the duration and scope of the state’s Artificial Intelligence Advisory Council, this law also formally recognizes an individual right to “mental and neural data privacy.” This includes rights to “change an individual’s decision regarding neurotechnology,” to “be afforded protection from unauthorized neurotechnological alterations in mental functions critical to personality,” and to “be afforded protection from unauthorized neurotechnological alterations in mental functions critical to personality.” The law does not define key terms such as “neurotechnology,” nor are there specific mechanisms or business obligations attached to these new rights. The newly enacted VDPOSA includes neural data as a category of sensitive data, however, providing Vermont residents with actionable protections like opt-in consent requirements and mandatory data protection assessments.

* * *

Looking to get up to speed on the existing state comprehensive consumer privacy laws? Check out FPF’s 2025 report, Anatomy of a State Comprehensive Privacy Law: Charting the Legislative Landscape. 

Pictured: Vermont receiving its red star on the FPF “Privacy Patchwork” quilt.

Future of Privacy Forum Announces 2026 Career Achievement Award Recipients

WASHINGTON, D.C. — The Future of Privacy Forum, a global non-profit focused on data protection, AI, and emerging technologies, announced new recipients of its Career Achievement Award, recognizing exceptional leaders whose work has advanced privacy, responsible data governance, and AI leadership worldwide.

The 2026 recipients of the FPF Career Achievement Award are: 

• Anita L. Allen, one of the world’s foremost scholars of the law and ethics of data and technology, and Professor of Law at the University of Pennsylvania Penn Carey Law School; Henry R. Silverman Professor of Law and Professor of Philosophy, Emeritus   
• Nuala O’Connor, a leading voice in the responsible and ethical use of technology and data, a board member and senior advisor to companies and nonprofits, and the first Chief Privacy Officer of the Department of U.S. Homeland Security 
• Harriet Pearson, an esteemed technology governance and policy advisor and Managing Principal at Axia Advisory, former Cybersecurity Division Head, New York Department of Financial Services, former Partner, Hogan Lovells, first Chief Privacy Officer and Security Counsel, IBM Corporation.

Alan Raul, FPF’s Board Chair, and Jules Polonetsky, FPF CEO, were honored to introduce the awardees and presenters at the organization’s Advisory Board Annual Meeting in Washington, D.C.

“At a moment when conversations around privacy, AI, and digital governance are evolving faster than ever, these honorees represent the very best of principled leadership,” said Polonetsky. “Anita Allen, Nuala O’Connor, and Harriet Pearson have each made extraordinary contributions to advancing thoughtful, practical, and responsible approaches to data protection and emerging technologies. Their work has shaped the field in profound and lasting ways.”

“Each of this year’s honorees has helped define the modern privacy field through decades of leadership, scholarship, and public service,” added Raul. “Their work has influenced legal frameworks, corporate governance practices, academic thought, and public policy conversations around the world. FPF is proud to recognize their leadership.”

Anita L. Allen

Anita Allen is an internationally recognized scholar, philosopher, and legal theorist whose work has helped shape foundational conversations around privacy rights, ethics, civil liberties, and data governance. She is the Henry R. Silverman Professor of Law and Professor of Philosophy, Emeritus at the University of Pennsylvania Carey Law School and served as Vice Provost for Faculty. A prolific author, educator, and thought leader, Allen has examined issues of consent, accountability, equality, and ethical responsibility across both public and private life. Allen is also the author of more than 130 articles and chapters, as well as several books, including Unpopular Privacy: What Must We Hide.  She is an elected member of the National Academy of Medicine, the American Law Institute, the American Philosophical Society and a fellow of the American Academy of Arts and Sciences. Throughout her distinguished career, she has advised policymakers, data protection authorities, and institutions on questions at the intersection of privacy, technology, and democratic values, helping establish frameworks that continue to influence privacy law and ethics globally.

Nuala O’Connor

Nuala O’Connor is a globally recognized leader in the responsible use of data and technology in our daily lives. She currently serves as senior advisor on technology, privacy, and AI to multinational companies Maersk and Kekst CNC and is a board member at several nonprofit organizations including EqualAI, the Society for the Rule of Law, and the Future of Privacy Forum. Nuala has held technology and legal leadership roles at General Electric, Amazon, DoubleClick, and Walmart, and served as President and CEO of the Center for Democracy & Technology (CDT). She has held senior appointed positions in the U.S. Federal government, including serving as the country’s first statutory chief privacy officer, when she was appointed as CPO of the U.S. Department of Homeland Security. Throughout her career, O’Connor has been a leading voice advancing practical, human-centered approaches to emerging technology policy, responsible innovation, and digital governance.

Harriet Pearson

Harriet Pearson is one of the pioneers of modern corporate privacy leadership and cybersecurity governance. She is the founder of Axia Advisory LLC, where she consults on program design and governance, coaches senior leaders, and supports strategic communications and external engagement.  Pearson served for more than a decade as IBM’s first Chief Privacy Officer, helping establish one of the world’s most influential corporate privacy programs during a transformative period for global data governance and technology regulation. Until June 2024, Pearson was Executive Deputy Superintendent and head of the Cybersecurity Division at the New York Department of Financial Services where she led a comprehensive update of DFS’s cybersecurity regulation. Previously, Pearson was a Partner at Hogan Lovells where she founded and led the global cybersecurity practice for a decade starting in 2012. In addition to her corporate leadership, she has served in advisory and board roles across the technology, policy, and nonprofit sectors, helping organizations navigate complex questions around accountability, ethics, and responsible innovation. Pearson’s work has been at the leading edge of technology innovation and her work has led the implementation of privacy leadership as a core business and governance function at companies around the world.

FPF’s Annual Awards recognize individuals whose work has had a lasting impact on privacy protections, responsible innovation, and the advancement of ethical technology governance worldwide. 

Past FPF award winners are listed below.

Career Achievement Award

• Dale Skivington (2019) – former Chief Privacy Officer, Dell & Eastman Kodak
• Sandra Hughes – former privacy executive, Procter & Gamble
• Jane Horvath (2023) – Partner, Gibson Dunn, former Chief Privacy Officer, Apple
• Jim Halpert (2024) – General Counsel, White House Office of the National Cyber Director, Partner, DLA Piper
• Barbara Cosgrove (2025) – VP & Chief Privacy and Digital Trust Officer, Workday

Distinguished Public Service Award

• Jessica Rich (2017) – former Director, Bureau of Consumer Protection, Federal Trade Commission
• Helen Dixon (2019) – Data Protection Commissioner, Ireland
• Maneesha Mithal (2023) – Partner, Wilson Sonsini, former Associate Director, Division of Privacy & Identity Protection, Federal Trade Commission

Excellence in Career Award

• Patrice Ettinger (2024) – Chief Privacy Officer, Regeneron, former Chief Privacy Officer, Pfizer

Community Builder Award

• J. Trevor Hughes (2019) – President & CEO, IAPP

Outstanding Academic Scholarship Award

• Peter Swire (2019) – J.Z. Liang Chair, Georgia Tech School of Cybersecurity & Privacy Senior Counsel, Alston & Bird

Global Responsible AI Leadership Award

• Government of Singapore (2024)
• Brazil’s Autoridade Nacional de Proteção de Dados (ANPD) (2025)

Lifetime Achievement Award

• Julie Brill (2025) – Founder and Principal, Brill Strategies, former Commissioner, Federal Trade Commission, former Chief Privacy Officer, Corporate Vice President for Global Privacy, Safety and Regulatory Affairs, Microsoft

To learn more about the Future of Privacy Forum, visit fpf.org. 

##

Future of Privacy Forum Releases Comprehensive Report On Algorithmic Personalization in Youth Online Experiences

As policymakers continue to debate youth online safety regulations, a new FPF report assesses the role of data-driven personalization and its implications for emerging policy and product design

WASHINGTON, D.C. — (June 10, 2026) — The Future of Privacy Forum — a global non-profit focused on data protection, AI, and emerging technologies —today released Personalization and Youth Online: Assessing Benefits, Risks, and Safeguards, a comprehensive report examining the role of algorithmic personalization in young people’s digital lives and its implications for emerging policy and product design.

Personalization—the use of personal data to tailor content and services to individual users—sits at the center of today’s most contested debates about youth and digital technology.  It appears in nearly every digital service young people use—influencing the content they see, how information is ranked, which recommendations are surfaced, and what prompts or ads are presented. While it offers a host of functional and protective benefits, the practice has also become a recurring regulatory focus of efforts to protect minors from online harms, including by targeting the specific product features and design elements through which personalization operates.

“Personalization is an incredibly nuanced topic; the same mechanisms that may be associated with risks may also enable benefits such as adaptive learning, community discovery, and age-appropriate protections that make the online experience safer for young people,” said Daniel Hales, Policy Counsel for the Future of Privacy Forum and co-author of the report. “Understanding the tradeoffs that come with any risk mitigation strategy is critical, so you don’t inadvertently limit the benefits of personalization along with the harms.”

In an effort to help policymakers and companies effectively evaluate these tradeoffs, the report examines the intersection of personalization and youth online experiences in five parts: key definitions and common use cases; key benefits of personalization in youth online experiences; common risks of harm; an assessment of more than a dozen emerging mitigation proposals and the associated tradeoffs; and an analysis of the emerging policy and regulatory landscape.

Examples of the mitigation strategies examined in the report include:

• Alternative approaches to curating content, such as feeds that display content chronologically, by popularity, or by categories and preferences a user has explicitly selected. While these approaches may reduce data-intensive curation, the report notes that they may have unintended effects, including the potential to inadvertently amplify spam and misinformation, and limit platforms’ ability to suppress age-inappropriate content.
• Data minimization rules applied without reference to the purpose of how the data is being used may curtail beneficial personalization alongside higher-risk applications. Purpose-based limitations, which restrict data use according to processing context rather than data category alone, may better preserve the protective uses of personalization while constraining its riskier applications.
• Risk mitigations related to conversational AI chatbots, including those designed to facilitate transparency, consent, responsible data practices, and safety-by-design. Each of these comes with its own tradeoffs; for example, on-device processing of sensitive data protects privacy, but can reduce model quality, which may ultimately push users toward less protective alternatives. Effective safeguards for AI personalization will require careful attention to which constraints reduce overall risk and which simply shift it. 
• Safety and well-being measures, including parental control and oversight, increasing digital literacy, measures to improve digital well-being, and control over personal data use. Many of these tactics will be most effective when paired with other measures; for example, increased digital literacy and making default wellbeing features like time-use limits and sleep and nighttime protections do not address the underlying design features that generate risk.

“Effective regulation must account for some precise questions: how personalization is implemented, what data it uses, and what purpose it serves,” said Holly Hawkins, Director for Youth Policy for the Future of Privacy Forum and the other co-author of the report. “While no single mitigation strategy is going to effectively address the full range of risks, we know that the most effective approaches share a common characteristic: they take a risk-proportionate approach to limiting higher-impact potential harms while preserving the functional and protective benefits of personalization for young people. We hope that this report can serve as a valuable resource to policymakers and companies who are attempting to find this delicate balance.”

The report’s release follows a growing interest from policymakers at both the federal and state levels in regulating personalization practices as part of efforts to strengthen protections for youth online. Both New York and California have passed laws prohibiting online services from providing algorithmically curated feeds to minors without parental consent; South Carolina and Nebraska’s age-appropriate design code laws require services to offer an opt-out of personalized recommender systems.

The full report, including an appendix tracking a sample of enacted and proposed youth online safety laws worldwide that address personalization, is available here. 

To learn more about the Future of Privacy Forum, visit fpf.org. 

###

Frontier AI Goes Federal: How the Great American AI Act Compares to State Laws

Introduction

It has been an unusually active few weeks for AI safety policy. Following a new frontier model safety bill passed in Illinois, and a White House executive order on AI security, Rep. Jay Obernolte (R-CA) and Rep. Lori Trahan (D-MA) released a bipartisan discussion draft for the Great American AI Act of 2026, adding another major federal proposal to the rapidly developing frontier AI landscape.

The draft is broad, covering issues ranging from workforce development and AI literacy to cybersecurity and international standards. But for many AI developers and deployers, the most important provisions are those focused on frontier model regulation. The draft would create requirements related to frontier AI transparency, critical safety incident reporting, employee whistleblower protections, and independent verification organizations. It would also include a three-year preemption clause restricting state laws that specifically regulate AI model development.

This blog highlights four key takeaways of the discussion draft: 

1. The draft is one of the first bipartisan attempts in Congress to address both frontier model safety and preemption of AI. These aspects make it a notable legislative effort, even if its prospects are uncertain. 
2. The draft incorporates many of the frontier model safety provisions in existing state laws but also has key distinctions. Compared to recent state frontier AI laws in California, New York, and Illinois (pending signature), the bill makes some important adjustments, like adding a revenue threshold for “frontier developers,” modifying the definition of “critical safety incident,” and utilizing a different penalty structure. 
3. The draft brings the preemption debate back into the federal AI policy conversation. It includes a three-year preemption clause focused on state laws that specifically regulate AI model development. 
4. The draft also reaches beyond frontier model safety. Other notable provisions include a study content moderation, a federal voluntary model testing program, and disclosure requirements for AI-related mass layoffs.

The Act Enters the AI Safety and Preemption Debate 

Amidst a crowded but unsettled federal AI policy landscape, the Great American AI Act is notable for its regulatory focus, bipartisan backing, and what it may signal for federal AI governance ahead. Though Congress has introduced no shortage of AI bills, there has been limited movement toward enacted legislation. Congress has considered sector-specific bills on chatbots¹, regulatory sandboxes, defense, elections, and financial scams, as well as broader proposals aimed at establishing a national AI framework like Sen. Blackburn’s (R-TN) TRUMP AMERICA AI Act.

Amid this activity, the Great American AI Act steps into two of the most active and contested AI policy debates: frontier model safety and federal preemption. On AI safety, the draft follows a period of growing attention to frontier model oversight at both the state and federal levels, where policymakers are trying to balance concerns about catastrophic risks and national security with concerns that overly burdensome requirements could slow AI innovation or weaken U.S. competitiveness.

On preemption, the draft arrives less than a year after Congress rejected a much broader effort to pause state AI regulation. In July 2025, the Senate voted 99-1 to remove a proposed 10-year moratorium on state AI laws from the budget reconciliation package. By contrast, the Great American AI Act includes a narrower three-year preemption provision focused on state laws that specifically regulate AI model development.

The draft is also significant because of both who introduced it and how they introduced it. Other federal AI bills have addressed AI safety or included preemption language, but this proposal comes from bipartisan sponsors who have been closely involved in federal AI policy². In introducing the draft, the sponsors emphasized that “policy for a technology this transformative can only be built to last if it’s written by both parties.” Just as importantly, they have framed the draft as a starting point rather than a final product, describing it as “the start of a serious national conversation.” Whether the bill advances in its current form remains uncertain, especially given the sensitivity of federal preemption and the range of issues addressed. Even if the draft changes, it may help shape the terms of future federal debates over AI safety. At a minimum, it is another sign that Congress is increasingly focused on how to govern AI systems and how federal rules should interact with the fast-moving state AI landscape.

Frontier AI Requirements: Where the Draft Aligns with State Laws

The draft’s frontier model provisions are not starting from scratch. They closely track the framework emerging from California’s SB 53, New York’s RAISE Act, and Illinois’ SB 315 (awaiting signature), including requirements for frontier AI frameworks, transparency reports, safety incident reporting, enforcement, and whistleblower protections. But the federal draft makes some important adjustments, including a revenue threshold for “frontier developers,” a definition of “critical safety incident” that is broader in some respects and narrower in others, and a federal enforcement structure with penalties of up to $1 million per day.

Key Definitions

The Draft largely aligns with recent state frontier AI laws’ definitions of “large frontier developer,” “frontier model” (encompassing foundation models trained using more than 10^26 computational operations), and “catastrophic risk” (covering certain risks of death, serious injury, or major property damage arising from frontier models). For more background on SB 53 and the RAISE Act, see FPF’s prior analysis. There are, however, a few notable differences. 

First, unlike the state laws, the Draft requires “frontier developers” to have a gross revenue exceeding $50 million. The state laws only include a gross revenue qualifier in the definition of “large frontier developer.”

Second, the draft’s definition of “catastrophic risk” does not  specify that the death, serious injury, or property damage must arise from a “single incident,” as in the state laws.

Finally, the draft’s definition of “critical safety incident” differs from the state laws by not mandating actual harm occur (such as death, bodily injury, or property loss), nor does it include scenarios where the model uses deceptive techniques to evade developer controls or monitoring.

Core Frontier Model Obligations

The draft would impose several obligations on frontier developers and large frontier developers that also largely mirror the recent state frontier AI laws. The main requirements include:

• Frontier AI Framework: Large frontier developers would need to write and publicly post a frontier AI framework addressing catastrophic-risk thresholds and mitigations, model weight cybersecurity, internal governance, and decisions about internal use and deployment. Developers would need to review the framework at least annually and publish any material modification within 30 days. These requirements closely track the state laws.
• Transparency Reports: Before, or concurrently with, deploying a new frontier model or a model with a substantial modification, frontier developers would need to publish a transparency report covering information such as release date, supported languages, output modalities, intended uses, restrictions, risk assessments, third-party involvement, and mitigation steps. These requirements largely align with recent state frontier AI laws.
• Reporting Mechanisms: The draft would require confidential reporting mechanisms for critical safety incidents and for catastrophic risks arising from a large frontier developer’s own use of its frontier models, including internal use and internally deployed models. This is similar to the state laws in allowing both frontier developers and members of the public to report critical safety incidents, but the draft adds a separate mechanism for reporting catastrophic risks from developers’ own model use.
• Critical Safety Incident Disclosures: Frontier developers would need to report critical safety incidents to the Center for AI Standards and Innovation (CASI) within 15 days of discovery, or within 24 hours if the incident poses an imminent risk of death or serious injury. This mirrors California’s SB 53, while New York and Illinois require a shorter 72-hour reporting window.
• Enforcement: Violations can result in fines of up to $1 million per violation, with each day treated as a separate violation. Federal and state attorneys general may also seek injunctions. This penalty structure may be less stringent than the state laws: SB 53 allows penalties of up to $1 million per violation, while the RAISE Act and SB 315 allow penalties of up to $3 million for subsequent violations. However, unlike the draft, those laws do not clearly cap penalties for a continuing violation at $1 million per day, meaning multiple violations could potentially be enforced in a single day.
• Definitional Updates and Rulemaking: Beginning by January 1, 2028, the CAISI Director would need to issue annual recommendations on whether key definitions should be updated. The Secretary of Commerce would also have authority to adopt rules implementing the provisions, including criteria for determining when model modifications are “substantial” or “material.” California’s SB 53 includes a similar definitional update requirement, while New York’s RAISE Act similarly provides rulemaking authority.
• Employee Whistleblower Protections: In a separate section, the draft would prohibit AI companies from retaliating against employees for lawfully reporting violations of federal AI laws and would provide remedies for employees who experience retaliation. This provision is similar to whistleblower protections in California’s SB 53 and Illinois’ SB 315, though those laws go further by requiring frontier developers to provide covered employees with clear notice of their rights and access to a reasonable internal process for anonymously disclosing information.

Taken together, the draft would bring much of the emerging state frontier AI framework into federal law. The broad architecture is familiar, but the federal draft contains key distinctions. It also does not carry over every state-law mechanism, most notably the frontier developer disclosure programs in the RAISE Act and SB 315, which require large frontier developers to maintain current filings with state agencies on ownership and business information. 

Independent Verification Organizations and Audits

The draft would also put independent auditors at the center of its frontier AI framework. Within one year of enactment, and every six months thereafter, large frontier developers would need to retain a licensed independent verification organization (IVO) to verify compliance with the draft and assess whether the developer’s risk mitigation efforts are adequate to address catastrophic risks. 

The provision reflects a broader trend toward independent evaluation of frontier models. Illinois SB 315 would also require large frontier developers to undergo independent third-party audits, but it does not create a licensing and oversight system for IVOs like the one proposed in the draft. However, other states, like Virginia, have begun exploring this model. Virginia enacted SB 384 this year, which directs the Joint Commission on Technology and Science to study the future development of an IVO framework (after earlier versions of the bill would have created an IVO licensing structure akin to this draft).

These provisions would require:

• Access: Large frontier developers would have to provide IVOs with timely access to unredacted materials and other information reasonably necessary to conduct audits and assessments. Developers could impose reasonable security protocols and access limitations to protect trade secrets and confidential business information.
• Audit and Assessment Content: IVO reports would have to describe the scope, time period covered, materials reviewed, methods used, and any limits on the assessment. They would also assess the developer’s compliance efforts; the adequacy of its frontier AI framework, and risk-monitoring; any “failure, deficiency, or material weakness;” and internal controls.
• Ad Hoc Audits and Assessments: The Director of CASI could require additional audits when necessary to verify compliance, validate prior findings, or monitor significant changes in risk, including after a critical safety incident or substantial modification.
• Supplemental Reports: IVOs could also need to submit supplemental reports when new information, unexpected model capabilities, or major model changes call into question an earlier finding that the developer was adequately managing catastrophic risks.

Additionally, the Bill would create a federal licensing and oversight system for the auditors themselves, making IVOs a potential new layer of AI governance.

Together, these proposals suggest that policymakers are increasingly looking to independent verification as a middle ground between company self-assessment and direct government review. The Great American AI Act would take that idea further by specifying who can serve as an independent verifier, what they must review, and how their findings may be shared with enforcement authorities.

Federal Preemption and the State AI Landscape

One of the draft’s most consequential provisions is its three-year preemption clause. The draft would prohibit states from establishing, continuing in effect, or enforcing any law or regulation that specifically regulates the development of an AI model (emphasis added). It would not preempt laws of general applicability, state authority granted under the draft, or laws governing post-deployment activities, including the implementation, distribution, offering, or use of AI systems, products, or services.

This approach differs significantly from the AI moratorium Congress considered last year as part of the One Big Beautiful Bill Act. That proposal would have broadly restricted states from enforcing laws or regulations that “limit,” “restrict,” or “regulate” AI models, AI systems, or automated decision systems, while allowing laws viewed as “facilitating” AI. It also evolved from a proposed ten-year pause to a five-year compromise before ultimately being removed from the package. By contrast, the Great American AI Act uses narrower language: it applies only to laws that specifically regulate AI model development and sunsets after three years.

However, as always, preemption would be complicated. Many state AI laws do not neatly separate development from deployment. They may impose obligations on developers and deployers, or require pre-deployment documentation or risk assessments for systems that are ultimately used in employment or other high-impact contexts.

As drafted, the draft’s preemptive effect would likely be greatest for state laws focused on frontier model development, such as California’s SB 53, New York’s RAISE Act, and Illinois SB 315. But the clause could also create uncertainty for other AI laws. For example, a chatbot law focused on how companies offer chatbots to the public would likely be easier to preserve under the post-deployment carveout. But if a law requires changes to how a model is trained, fine-tuned, tested, or designed before release, the line between deployment and development may be harder to draw.

The result is a preemption provision that is far narrower than last year’s proposed 10-year moratorium, but still raises significant interpretive questions. The answer to those questions is likely to have an impact on both developers and deployers, and would likely depend on how regulators and courts characterize specific laws and their requirements.

Other Key Provisions

Although the frontier model provisions are the most significant for most AI developers, the draft reaches well beyond AI safety: It also includes several provisions focused on the broader AI ecosystem, including workforce development and displacement. This section highlights three additional provisions worth watching: a study on government engagement with AI platforms, new federal AI testbeds and voluntary model testing, and disclosure requirements for AI-related mass layoffs.

• Study on Protecting Free Speech: The draft would direct the Secretary of Commerce to study how the government encourages or pressures AI companies on content moderation, information prioritization, and output generation. The report must examine legal frameworks governing federal agency interactions with AI platforms and recommend legislation providing individuals with redress against unlawful government censorship, including transparency and oversight mechanisms. While this section is only a study requirement, it signals congressional interest in how the government communicates with AI companies about content moderation and model outputs. For AI companies, this study may lead to future regulation on transparency and government oversight.
• AI Testbeds: The draft would direct the establishment of an AI testbed program for testing, evaluating, and assessing AI systems, including automated evaluations, security vulnerability assessments, and computational resource assessments. It would also establish a voluntary foundation model testing program for vendors of foundation models, AI virtual agents, and robots that incorporate foundation models. This provision parallels recent federal activity around voluntary AI testing and evaluation, including the White House’s June 2026 executive order establishing a voluntary framework for certain frontier AI developers to share models with the federal government before public release for national security and cybersecurity assessment.
• Disclosures for AI Layoffs: The draft would require employers to provide 60 days’ advance notice when AI is a “substantial factor” in a mass layoff, including information on the AI involved, the estimated share of job losses attributable to AI, and pre-layoff upskilling or retraining efforts. A similar requirement was recently enacted in Connecticut’s SB 5, which requires employers issuing mass layoff notices to tell the state’s Labor Department whether the layoffs are related to the employer’s use of AI. This provision reflects growing interest in how AI may affect workforce displacement and whether existing worker-notice frameworks should account for AI-related job losses.

Conclusion

The Great American AI Act is still a discussion draft; whether it will advance in its current form remains uncertain. Federal AI legislation has faced a difficult path in Congress and the draft touches on issues, especially frontier model safety and preemption, that are likely to generate significant debate.

But the draft is still an important marker in the federal AI conversation. It shows that Congress is continuing to consider how to regulate frontier model development, how to structure independent oversight, and how federal rules should interact with the growing number of state AI laws. Even if this bill changes substantially, these questions are unlikely to go away.

In the meantime, states are likely to continue to test different approaches to AI regulation, including laws that regulate frontier model development, deployment, or both. That could make the draft’s preemption language especially important to watch. The next phase of AI policymaking could be defined not only by the rules new proposals would set, but also by the coalitions advancing them and the venues where they move forward: Congress, the Executive Branch, the states, or all three.

1. Five major federal chatbot proposals have been introduced: the CHAT Act (S.2714/H.R. 7218), GUARD Act (S.3062/HB 8623), SAFE BOTs Act (H.R. 6489), Youth AI Privacy Act (S. 4199), and the CHATBOT Act (S 4407). ↩︎
2. Rep. Obernolte (R-CA) previously co-chaired the bipartisan House Task Force on Artificial Intelligence, which released its final report in December 2024. Rep. Trahan (D-MA), a member of the House Energy and Commerce Committee’s Innovation, Data, and Commerce Subcommittee, has also been active on technology accountability issues. ↩︎

Privacy Becomes You, Bayou State: A Look at the Louisiana Data Privacy Act

Louisiana has become the 22nd U.S. state to enact a comprehensive consumer privacy law—and the third this year following Oklahoma and Alabama—after Governor Landry signed the Louisiana Data Privacy Act (LDPA) (SB 386) on May 29. Overall, this is a fairly standard state privacy law that follows the Washington Privacy Act framework apart from the law’s CCPA-style applicability thresholds. The law will go into effect on January 1, 2027. This blog post covers the LDPA’s scope, consumer rights, business obligations, and enforcement. 

Scope

Applicability: Like other comprehensive privacy laws based on the Washington Privacy Act (WPA) framework, this law regulates controllers’ and processors’ collection and use of personal data.

Departing from the common WPA framework, this law’s applicability thresholds are modeled on those under the California Consumer Privacy Act (CCPA). The LDPA only applies to a person or entity doing business in Louisiana that either—

1. Has annual gross revenues exceeding $25 million; 
2. Annually buys, “receives for the business’s commercial purposes,” sells, or shares for commercial purposes the “personal information” of at least 75,000 consumers, households, or devices; or 
3. Derives 50% or more of its annual revenues from selling consumers’ “personal information.”

Not only do these thresholds reflect those under the CCPA, they also use the undefined term “personal information” (which is used in the CCPA) rather than the defined term “personal data” used throughout the LDPA. One unique aspect of these applicability thresholds is that prong (2) adds the criteria “receives for the business’s commercial purposes,” which is not present in the CCPA’s text although that law defines “commercial purpose” and uses the term in other contexts. (§ 1780.2(A).)

The LDPA includes broad entity- and data-level exemptions, including for—

• State agencies or political subdivisions;
• Financial institutions, affiliates, or data subject to the GLBA; 
• Covered entities, business associates, and protected health information governed by HIPAA; 
• Health records;
• Information included in a limited data set maintained as required under 45 C.F.R. 164.514(e);  
• Nonprofits, including political organizations; 
• Institutions of higher education; 
• Information collected, used, or disclosed by a consumer reporting agency or furnisher to the extent regulated by and authorized under FCRA; 
• Personal data collected, processed, sold, or disclosed in compliance with the DPPA; 
• Personal data regulated under FERPA; and more. (§ 1780.2(B)-(C).)

Key Definitions: Personal data is defined consistently with other state laws as information that is linked or reasonably linkable to an identified or identifiable individual, and it does not include deidentified data or publicly available information. Sensitive data includes: personal data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexuality, or citizenship or immigration status; genetic or biometric data processed for uniquely identifying an individual; personal data collected from a known child (under 13); and precise geolocation data (within a radius of 1,750’). This definition is narrower than in many of the newer state laws, which often include other categories such as consumer health data, neural data, or status as a victim of a crime. (§ 1780.1.)

This law includes many of the key definitions associated with the Connecticut-model of state laws. For example: the definition of “biometric data” includes data generated from a photograph or video or audio recording if generated to identify a specific individual; “dark patterns” are defined and prohibited for obtaining consent; and “sale” is defined broadly to include exchanges of personal data for “other valuable consideration” apart from monetary consideration. (§ 1780.1.)

Consumer Rights

Consumers will have the standard rights to: confirm whether their personal data is being processed; access their personal data; correct inaccuracies in their personal data; have their personal data deleted; obtain a copy of their personal data in a portable format (if available in a digital format); and opt-out of the processing of their personal data for the purposes of targeted advertising, the sale of personal data, and profiling in furtherance of a decision that produces a legal or similarly significant effect concerning the consumer. Like the laws in Tennessee and Alabama, these consumer rights (including the opt-out right) do not apply to pseudonymous data if the controller is able to demonstrate that information necessary to identify the consumer is kept separately and subject to effective technical and organizational controls that prevent the controller from accessing the information.  (§ 1780.3(A), 1780.4(O),)

Controllers must respond to consumer rights requests within 45 days, which can be extended an additional 45 days if necessary so long as the consumer is informed of the extension and the reason. If a controller declines to act on a consumer request, then it must inform the consumer of the decision, the justification, and how to appeal the decision. A controller is not required to comply with a rights request that it cannot authenticate, and that the authentication requirement extends to the consumer opt-outs as well. Some states, like Connecticut, provide that a controller does not need to authenticate an opt-out request but may deny an opt-out request if it has a good faith, reasonable and documented belief that the request is fraudulent. (§ 1780.3(B).)

In another departure from the Connecticut-style suite of state laws, the LDPA does not appear to require a controller to provide consumers with a mechanism to revoke previously given consent. 

What about Agents and OOPS? A consumer will be able to designate another person to serve as the consumer’s authorized agent to opt-out of the processing of consumer’s personal data for targeted advertising or the sale of personal data. Although the law does not reference opt-out preference signals (OOPS) or universal opt-out mechanisms (UOOM), it does provide that a consumer can “designate an authorized agent using a technology, including . . . a global setting on an electronic device,” that allows the consumer to indicate the consumer’s intent to opt out of the processing for targeted advertising, for sale of personal data, or both.” Additionally, a “technology” described in the subsection may not “unfairly disadvantage another controller,” make use of a default setting (instead requiring “an affirmative, freely given, and unambiguous choice” by the consumer), and be consumer-friendly and easy to use. These are the common requirements for an OOPS under the state comprehensive privacy laws. 

The use of a technologically-designated authorized agent by a consumer could be limited due to several exceptions under the law. A controller is not required to comply with an opt-out request from an authorized agent if: the authorized agent does not communicate the request in a clear and unambiguous manner; the controller cannot verify (with reasonable effort) that the consumer is a resident of Louisiana; the controller does not possess the ability to process the request; or the controller “does not process similar or identical requests the controller receives from consumers for the purpose of complying with similar or identical laws or regulations of another state.”(§ 1780.3(E)(5)-(6).) 

Business Obligations

Consistent with most of the state privacy laws, controllers and processors are subject to an enumerated list of duties under the law—including transparency, data minimization, data security, non-retaliation, oversight of processors, data protection assessments, and children-specific protections—as well as a list of broad exceptions. 

Transparency: Controllers must provide consumers with a “reasonably accessible and clear privacy notice” including information such as categories of personal data processed, processing purposes, how consumers can exercise their data rights, categories of personal data sold to third parties, and categories of third parties to whom data is sold. If the controller sells personal data, processes personal data for targeted advertising, sells sensitive data, or sells biometric data, there are additional notices that must be provided in the privacy notice (e.g., “NOTICE: We may sell your sensitive data”). (§ 1780.4(B).)

Data Minimization: The LDPA includes common procedural data minimization and purpose limitation restrictions. A controller must— 

• “[L]imit the collection of personal data to what is adequate, relevant, and reasonably necessary in relation to the purposes for which that personal data is processed, as disclosed to the consumer” 
• Obtain the consumer’s consent to “process personal data for a purpose that is neither reasonably necessary to nor compatible with the disclosed purpose for which the personal data is processed, as disclosed to the consumer”; and 
• Obtain the consumer’s consent to process the consumer’s sensitive data. (§ 1780.4(A).)

Data Security: A controller must establish, implement, and maintain reasonable administrative, technical, and physical data security practices that are appropriate to the volume and nature of the data. (§ 1780.4(A)(1)(b).)

Anti-discrimination and Non-retaliation: Controllers cannot process personal data in violation of state and federal laws that prohibit unlawful discrimination against consumers. Controllers also may not deny goods or services, charge different prices or rates for goods or service, or provide a different level of quality of goods or services to the consumer as retaliation for a consumer exercising any of their rights under the LDPA, subject to exceptions (e.g., if the data is necessary to provide a service or processed in connection with a bona fide loyalty program). (§ 1780.4(A).)

Processors: Processors must adhere to the instructions of a controller and assist the controller in complying with the controller’s duties or requirements under the law. Whether a person is acting as a controller or processor is a fact-based determination depending on context, but a processor remains a processor if they are adhering to a controller’s instructions with respect to a specific processing activity. There must be a valid contract in place between the controller and processor that meets statutory criteria (e.g., clear instructions for processing, deleting or returning personal data after the service is concluded). (§ 1780.4(D).)

Children’s Privacy: Consistent with most other state comprehensive privacy laws, the LDPA includes protections for children’s personal data and provisions that address COPPA compliance. “Sensitive data” includes personal data collected from a known child, and a controller must process the sensitive data of a known child in accordance with COPPA. Parents are able to exercise consumer rights on behalf of a child whose personal data is processed. Controllers and processors that comply with the verifiable parental consent requirements of COPPA are deemed to be in compliance with any requirement to obtain parental consent under the LDPA. In contrast to many of the newer state comprehensive privacy laws, the LDPA does not include opt-in rights for teenagers with respect to targeted advertising or the sale of personal data. (§§ 1780.1, 1780.2(E), 1780.3(A) & 1780.4(A).)

Data Protection Assessments: Controllers must conduct and document a data protection assessment for processing activities that present a heightened risk of harm to consumers, including processing personal data for targeted advertising, selling personal data, processing personal data for profiling that presents a reasonably foreseeable risk of substantial injury to consumers, and processing sensitive data. A controller must make a data protection assessment available to the Louisiana attorney general if requested in a civil investigative demand (although that requirement includes a cross-reference to a non-existent subsection of the law). (§ 1780.4(E).)

Exceptions: This bill includes a number of common exceptions, providing that nothing in the law shall be construed to limit a controller’s or processor’s ability to: comply with state, federal, or local laws or regulations; comply with regulatory inquiries or investigations; provide a specifically requested product or service; engage in public or peer-reviewed research in the public interest adhering to relevant safeguards; cooperating with law enforcement agencies; internal use of data for conducting research, effectuating a product recall, identifying and repairing technical errors, performing internal operations reasonably aligned with consumers’ expectations; and more. (§ 1780.4(G)-(I).) 

Miscellaneous: This law includes one unique provision related to the sale of sensitive data. Section 1780.4(P) provides that “[a] person or entity described by R.S. 51:1780.2(A)(3) may not engage in the sale of personal data that is sensitive without receiving prior consent from the consumer,” and violation of that requirement subjects a person to a penalty under the law. The cross-reference is to the applicability threshold for a person or entity that does business in the state and that derives fifty percent or more of its annual revenues from selling consumers’ “personal information.” This is an ambiguous requirement. An entity meeting that threshold would already be under the requirement to obtain consent prior to processing sensitive data, which includes selling data, so it is not clear that this is an added responsibility, unless it is meant to apply more broadly. But there is no other language in the requirement suggesting that it would apply notwithstanding the law’s broad entity-level exemptions.

Enforcement

The Louisiana Attorney General will enforce the LDPA and violations will constitute unfair and deceptive trade practices under Louisiana’s Unfair Trade Practices and Consumer Protection Law. Notably, the private rights of action under the unfair trade practices law do not extend to violations of the LDPA. For the first six months of enforcement (January 1, 2027 to July 31, 2027), the attorney general must give persons notice of alleged violations and at least 30 days to cure those violations prior to initiating an investigation. 

The attorney general is required to post online information regarding controllers’ and processors’ responsibilities and consumer rights under the law, and money received from enforcement actions will go towards funding the attorney general’s consumer protection efforts or promoting consumer protection and education. 

* * *

Looking to get up to speed on the existing state comprehensive consumer privacy laws? Check out FPF’s 2025 report, Anatomy of a State Comprehensive Privacy Law: Charting the Legislative Landscape. 

Pictured: Louisiana receiving its star on the FPF “Privacy Patchwork” quilt.

Comparing Enacted App Store Accountability Acts

On May 28, 2026, the 5th Circuit granted a stay on the preliminary injunction blocking enforcement of Texas’s App Store Accountability Act (ASAA)—meaning the law is now in effect while litigation on the merits continues. In 2025, Utah, Texas, and Louisiana enacted App Store Accountability Acts (ASAAs) which impose novel and significant age assurance obligations on app store providers and app developers. These laws require account holder age verification and parental consent for minors at the app store level, with age band and consent data transmitted between the two parties via bespoke “age signals.” Texas’s law was the first scheduled to go into effect on January 1, 2026. Before the law took effect, however, two groups filed suit challenging its constitutionality on First Amendment grounds. In December 2025, a federal judge issued a preliminary injunction blocking the law, finding it more likely than not an unconstitutional content-based regulation. Attorney General Paxton quickly appealed this decision to the 5th Circuit seeking a stay on the injunction, which was subsequently granted last week. 

The uncertain constitutional outlook of ASAAs puts compliance teams in a difficult position. Moving slowly risks liability if the laws survive legal challenge; moving quickly risks sunken compliance costs if ASAAs are ultimately struck down—costs that could have otherwise been diverted to other important trust and safety priorities. While Utah’s, Texas’s, and Louisiana’s laws impose broadly similar obligations on app store providers and developers, important distinctions will shape how companies ultimately achieve compliance. Amendments to Utah’s and Louisiana’s laws in 2026 further shape the developing obligations in each state. FPF created a comparison chart detailing the key terms, scope, and core obligations of these laws, including changes incorporated by 2026 amendments. The chart also includes an Appendix detailing current information about Developer APIs released publicly by app stores to aid developers as these requirements go into effect. 

Key takeaways from this resource include:

• Scope: These laws apply broadly to apps publicly available to consumers for download in an app store with very narrow exceptions, such as for settings apps or essential device drivers, and no wholesale exemptions from application. Uniquely, Louisiana also applies to apps that are available for download from an app store onto connected devices.
• Obligations: These laws require app store providers to implement age verification and obtain parental consent for minor account holders making purchases, downloads, in-app transactions, or significant account changes. Utah and Louisiana extend this requirement to a minor’s first-time access to many pre-loaded apps. Developers must request and receive age signals from app stores, use that data to manage minor access, and implement appropriate safety features. Utah and Louisiana add notable nuances for developers, such as allowing them to request that app stores block minor access to their apps entirely, or permitting reliance on a primary account holder’s age data for “family account apps.”
• Enforcement: Private rights of action (PRAs) are a trending enforcement mechanism in ASAA models. While Utah relies solely on a PRA for enforcement, Texas’s law only allows a PRA through incorporated references to the Deceptive Trade Practices Act (DTPA). Louisiana is the only law that  does not include a PRA.

The ASAA trend has continued into 2026 with Alabama enacting a new ASAA law back in February. Alabama’s law largely tracks with the ASAA models in Utah and Louisiana following their 2026 amendments. As ASAA legislation and litigation continues to develop, the 5th Circuit’s stay on injunction means that compliance teams must figure out how to navigate this growing thicket of app store age signals and online safety requirements in the meantime.

No Silver Bullet, But a Silver Lining? PETs and International Data Transfers

Is there a role for Privacy Enhancing Technologies (PETs) to play in the context of international data transfers? The answer to this question could be one of the keys to unlock trusted cross-border data flows at scale in the age of AI.

This was the topic explored in a session organized by the Future of Privacy Forum (FPF) during the Global CBPR Forum in Lima, Peru. Bringing together technical, regulatory, policy, and academic perspectives, the session provided an in-depth overview of initiatives centering on PETs in data transfer developments. It included a technical presentation of two of the most promising such technologies available – trusted execution environments and differential privacy, as well as a recent use case from a US-UK policy pilot and a regional perspective on PETs adoption in Latin America.

The session highlighted both the growing maturity of PETs deployments, as well as the structural challenges that continue to shape their adoption. A central takeaway was that PETs are increasingly being positioned as enabling tools for data use and collaboration — particularly in contexts where legal, regulatory, or trust constraints have historically limited data sharing. By illustrating a specific medical use case and their technical features, speakers demonstrated how PETs can support more responsible data ecosystems and trusted data sharing.

You can read the full blog on the Global CBPR Forum’s website here.

Career Choice in the AI Age: What Next for Privacy and Data Professionals?

When I was in college, privacy existed but the privacy profession did not. Some cynics might say that the reverse is true now, but the reality is more complex: even amidst mounting pressures on individual privacy, there are arguably more privacy protections enshrined into law around the world than ever before. 

One point, though, is beyond debate: the privacy profession is changing. The rise of AI and AI governance work, under the broad umbrella of privacy and compliance work, raises questions about law and policy, how to be effective internally, how to take basic data governance and map it to AI governance, and how to create sustainable governance structures and processes. But it also raises fundamental – and familiar – questions about how we map our careers and what choices we make. 

“Some have greatness thrust upon them”¹

Many of the first privacy professionals started by doing other things and in many cases being appointed by their organization to handle the new privacy issues that arose. I started in government affairs and lobbying and bounced into privacy via trust and safety. Many privacy lawyers were simply lawyers in legal departments working on contracts or compliance or intellectual property and were “volunteered” to handle privacy.

Over time a new generation of privacy pros arose, intentionally choosing to work on these interesting new issues. Some loved learning the new technologies. Some were attracted to the idea of upholding the core and important values of privacy. Others liked the multidisciplinary nature of the work. It was a basket of “cool” legal and policy issues on the leading edge of technology. 

Eventually the profession got more specialized, with engineers, project managers, non-lawyers and the like finding important roles.  And over time, the uphill nature of the work caught up with some privacy pros (but not all), giving rise to burnout from constantly feeling like the organization resists the compliance work or concept of risk that privacy pros perceive. 

AI is a major technological leap, raises new issues of law and policy and governance, and arrived so fast that few data or AI professionals were in a position to intentionally choose the work they do now. This has implications for how people might think about their careers in data, privacy, and AI.

One might characterize privacy professionals in four categories since AI swept in.

Adopting – They love the job and they’re making it their own. They think the tech is cool, they’re optimistic about what AI will be able to do. The law, policy, and governance challenges are interesting. This work gives them purpose and meaning.

Adapting — Realistic and pragmatic, figuring it out and making it work. The adapters might be struggling because they didn’t really wish for AI; they wouldn’t have chosen it. They’re in a privacy role and now they must adapt to this new technology and this new set of issues and this new pace of change. They try to make the most of it but now career questions arise: Is this the work they want to do? Purpose and meaning are in question.

Enduring — Hanging on, fighting the good fight, until something else feels more rewarding. A sense of obligation or duty, such as a need to support a family, supplants purpose and meaning.

Resisting – Resistance takes two broad forms. The change is too much, there’s no interest in the technology, fear and anxiety predominate, and change is resisted. Some people withdraw. These are the “quiet quitters” who don’t know what to do, think they are in a comfort zone and don’t want to leave it. Alternatively, people get angry and rebel, resist, push back and try to stop it or bring about meaningful change.  

Where Are You Going?

Maybe you see yourself in one of these categories. Maybe you fit into a category not mentioned here (tell us about it!). For three of the four, career choices loom: Is this what I want to work on, work that chose me that I did not choose? What’s next?

Here are some helpful lenses or frameworks to think about the career choices and mapping we face:

Run toward, not away. It’s important to feel like you’re running towards something desirable rather than running away. That means you need to do the work to figure out what you want. That often connects to a deeper meaning or purpose. 

Enlarge, not diminish. Another useful lens for looking at big decisions (career or otherwise) is an idea put forth years ago by James Hollis, a Washington DC area psychologist. He suggests asking this question: “Does this choice diminish me, or enlarge me?”² It’s a powerful question. If working on AI makes you feel bigger in the organization, or it feels like growth to you or it makes you feel more influential more on top of things then that’s clearly a good choice – for you.  If it makes you feel smaller, like you’re being pushed down in the organization, like you can’t keep up, like you’re overwhelmed, then maybe this isn’t a good choice and a good place to stay in your career.

Practice, practice, practice. What is the practice in your profession, the thing you seek to perfect? Surgeons seek to get better at surgery. Pianists practice to constantly get better. Professional athletes, lawyers, teachers, coaches, all seek to get better at what they do. That refinement of the craft, through daily practice, provides meaning and focus. What is it in your role that is the daily practice, the craft you seek to refine, the talent you seek to develop? If that question is hard to answer, it might be time for a change.

When in doubt, choose growth. So often what feels like languishing or burnout might simply be an absence of growth. Feeling like we are growing creates meaning and focus. Horizontal growth, the learning of new information, broadening one’s horizons, can be entertaining but insufficient. Vertical development – growing soft skills, ability to lead people and across teams, expanding impact in the org or profession – is more meaningful for people. Are you growing now? What would feel like growth to you?

What changes if you have a clear destination or desired outcome to move toward? What does it feel like to simply move and act and see where change takes you – or leaves you? 

We hope we don’t have to simply endure. If we do, we might hope we’d have the courage to resist. In the end, we will all have to be adapters, but what could it feel like to intentionally choose? What would it feel like to find direction and purpose, to feel new growth and adopt one’s work, role, and the technological change underway?

It’s important to be clear about what’s happening with you, to identify which category above you’re in and find a lens through which to see your choices. If you’re just making it up as you go along, you might still find yourself in a place you don’t want to be. It’s normal human behavior to want to stay in our comfort zones, but how can a place where you merely endure and do not grow be a comfort? 

Privacy and data professionals are multi-faceted and multi-talented people. They may be guided by core values like privacy, excited by technology, eager to launch new products, or simply do good work.  The lenses set out above are not the only ones: you can start with why, think about what you long for, explore the Ikegai matrix, or any number of other ways to think about what’s next.  But make a choice, rather than let events simply happen to you. Our careers are often set up as default opt-out, but we can choose to opt-in to the work that fulfills us.  AI presents us with that choice.

1. Twelfth Night, Act II scene 5: “Be not afraid of greatness: some men are born great, some achieve greatness and some have greatness thrust upon them.” ↩︎
2. James Hollis, What Matters Most: Living a More Considered Life, p.13.  “Ask yourself of every dilemma, every choice, every relationship, every commitment, or every failure to commit, “Does this choice diminish me, or enlarge me?” Do not ask this question if you are afraid to find the answer.” ↩︎

FPF Releases Practitioner Guides on Privacy Enhancing Technologies for Education Stakeholders

The Future of Privacy Forum (FPF) has released a suite of practitioner resources on Privacy Enhancing Technologies (PETs) for the education sector. Building on FPF’s 2025 landscape analysis of PETs adoption by State Education Agencies, the new resources move from landscape analysis to implementation considerations — providing audience-specific guidance for the three practitioner communities most responsible for handling student data: state education agencies and statewide longitudinal data systems, education researchers, and EdTech vendors.

FPF worked with AEM Corporation to develop the resources, which include three practitioner guides and a comparative reference chart covering seven PETs relevant to education data environments.

Addressing a Gap Between Awareness and Practice

FPF’s 2025 landscape analysis found that awareness of PETs among education practitioners remains limited, and that even practitioners who understand what PETs are often lack the use case guidance needed to match a specific technology to a specific workflow. The new guides are designed to close that gap. Each is written for its audience’s actual decision context —as a practical resource for the people who manage longitudinal data systems, design research studies, or build and test EdTech products using student data.

“State education agencies, researchers, and EdTech vendors all work with student data, but they face different risks, different analytical requirements, and different governance obligations,” said Jim Siegl, FPF Senior Fellow for Youth & Education Privacy. “These guides are designed to help each audience understand not just what PETs can do, but what each approach costs analytically — and how to make and document those tradeoffs responsibly.”

What the Guides Cover

Privacy Enhancing Technologies for State Education Agencies: A practical guide to privacy-preserving computation for state education data systems addresses the specific challenges of SEA and SLDS environments, where linked longitudinal records create both high analytical value and elevated re-identification risk. The guide explains how PETs can reduce how often student-level data must be copied, moved, or distributed to support analysis, and provides use case guidance for cross-agency computation, public reporting, and research partnerships. It also addresses a tension that is particularly acute in state education data: the student populations most at risk of re-identification — small districts, low-incidence disability categories, and rare demographic combinations — are often those for whom noise-based methods like Differential Privacy perform least well analytically.

Privacy Enhancing Technologies for Education Researchers: A practical guide to conducting education research with reduced data exposure addresses the analytical tradeoffs researchers need to understand before selecting a PET for a given study. Results produced under Differential Privacy carry an epsilon parameter that should be reported. Synthetic data findings require disclosure of generation methodology and fidelity validation. The guide frames PET selection as a methodological decision with implications for replication and publication, not just a data governance requirement.

Privacy Enhancing Technologies for EdTech Vendors: A practical guide to handling student data across product, testing, and analytics workflows addresses the range of vendor workflows — system testing, staff training, product analytics, and collaborative research with agencies — that involve student data and carry different PET requirements. The guide emphasizes that vendors operate under a dual obligation: to deliver useful analytics and product capabilities, and to handle student data in ways that honor the trust schools and agencies have placed in them. It includes guidance on transparency with agency partners when PET-protected outputs are shared, including disclosure of noise parameters and fidelity limitations.

The Comparison Chart

Accompanying the three guides is a comparative reference chart covering seven PETs — Differential Privacy, Synthetic Data, Federated Learning, Trusted Execution Environments, Secure Multi-Party Computation, Homomorphic Encryption, and Zero-Knowledge Proofs — across six dimensions: approach, benefits, limitations, example use case, data utility impact, and implementation complexity. The chart is designed as a standalone reference for practitioners who need to quickly orient to the PET landscape or compare options for a specific workflow, without reading all three guides in full.

Selecting the Right PET

A consistent theme across all three guides is that PET selection is a methodological decision, not a compliance checkbox. Each approach involves a tradeoff between privacy protection and analytical precision, and that tradeoff varies by method and by context. Differential Privacy introduces noise that grows more distorting as group sizes decrease. Synthetic data may misrepresent rare populations. Secure Multi-Party Computation and Trusted Execution Environments constrain which analyses can be run. Federated Learning reduces raw data exposure but can produce less accurate models when district data is heterogeneous.

The guides encourage practitioners to identify the acceptable level of analytical imprecision for their specific workflow before selecting a PET, to document that choice and its rationale, and to disclose relevant parameters — such as epsilon values for Differential Privacy or fidelity validation results for synthetic data — where outputs are shared or published. PETs work best when integrated into existing data governance frameworks rather than treated as standalone solutions.

FPF has actively contributed to shaping policy and practice around PETs through discussion papers, reports, stakeholder engagement, and its PETs Repository, launched in November 2024 as a centralized resource for practitioners seeking practical information about these technologies. The new practitioner guides extend that work by providing the audience-specific implementation guidance the landscape analysis identified as a critical gap.