Blog

This Issue Brief analyzes Brazil’s recently enacted children’s online safety law, summarizing its key provisions and how they interact with existing principles and obligations under the country’s general data protection law (LGPD). It provides insight into an emerging paradigm of protection for minors in online environments through an innovative and strengthened institutional framework, focusing on […]

Since the California Consumer Privacy Act (CCPA) was enacted in 2018, business obligations under the law have continued to evolve due to several rounds of rulemaking by both the Attorney General and the California Privacy Protection Agency (CPPA). The latest regulations from the CPPA are some of the most significant yet. Starting January 1, 2026, […]

Conversational AI technologies are hyper-personalizing. Across sectors, companies are focused on offering personalized experiences that are tailored to users’ preferences, behaviors, and virtual and physical environments. These range from general purpose LLMs, to the rapidly growing market for LLM-powered AI companions, educational aides, and corporate assistants. There are clear trends among this overall focus: towards […]

On July 17, 2025, the Future of Privacy Forum (FPF) hosted the second in a series of Technologist Roundtables with the goal of convening an open dialogue on complex technical questions that impact law and policy, and assisting global data protection and privacy policymakers in understanding the relevant technical basics of large language models (LLMs). […]

In the U.S., state lawmakers are seeking to regulate various pricing strategies that fall under the umbrella of “data-driven pricing”: practices that use personal and/or non-personal data to continuously inform decisions about the prices and products offered to consumers. Using a variety of terms—including “surveillance,” “algorithmic,” and “personalized” pricing—legislators are targeting a range of practices […]

Cross-border data flows are critical to Africa’s digital economy, enabling trade, innovation, and access to continental and global markets. As the drive towards data-driven technologies among businesses and governments grows, the ability to transfer personal data across borders efficiently and securely has become a key policy concern on the continent, a position echoed by the […]

This Issue Brief summarizes key developments in data protection laws across the Asia-Pacific region since 2022, when the Future of Privacy Forum (FPF) and the Asian Business Law Institute (ABLI) published a series of reports examining 14 jurisdictions in the region. We found that while many offer alternative legal bases for data processing, consent remains […]

Enforcement activity intensifies as U.S. consumer privacy laws continue to evolve and come into effect. In 2023 and 2024 alone, there have been dozens of enforcement actions at the U.S. federal and state levels, some of which reveal or touch on significant throughlines for privacy policy issues, such as what constitutes a privacy violation or […]

Today, the Future of Privacy Forum (FPF) Center for Artificial Intelligence is releasing a newly updated version of our Generative AI internal compliance document – Generative AI for Organizational Use: Internal Policy Considerations, with new content addressing organizations’ ongoing responsibilities, specific concerns (e.g., high-risk uses), and lessons taken from recent regulatory enforcement related to these technologies. […]

Authors: Maria Badillo and Momina Imran Today, the Future of Privacy Forum (FPF) published an Issue Brief analyzing the regulatory strategies and priorities of data protection authorities (DPAs) in Latin America. Titled Regulatory Strategies and Priorities of Data Protection Authorities in Latin America: 2024 and Beyond, the Issue Brief outlines an overview of the various […]