CPRA Law + Tech Series: Universal Opt-Outs and Global Privacy Controls

FREE March 18, 2022 @ 3:00pm - 4:15pm ET (12:00pm - 1:15pm PT)

Overview

CPRA Law + Tech Series: Understanding Data, Decisionmaking, and Design

Session 5: Universal Opt-Outs and Global Privacy Controls

Co-Hosted by: California Lawyers Association Privacy Law Section and the Future of Privacy Forum

About the Series: What do privacy lawyers need to know about the technologies and data practices at the heart of emerging legislation? New state privacy laws, including the California Privacy Rights Act (CPRA), will introduce a host of new obligations for businesses. Privacy lawyers charged with operationalizing these requirements will need to understand the technologies that these laws address.

In this Winter 2022 series, the California Lawyers Association Privacy Law Section and FPF will host informational sessions on technological basics for privacy lawyers. Each session will provide a brief summary of new requirements under the CPRA, the Virginia Consumer Data Protection Act (VCDPA), and the Colorado Privacy Act (CPA), accompanied by an exploration of the key technologies that are addressed in these laws, including digital advertising, global opt-outs, automated decisionmaking, and dark patterns.

About Session 5: Join us on Friday, March 18th, from 12:00-1:15PM Pacific Time, for an informational presentation on universal opt-outs and global privacy controls.

Most consumer privacy laws, to different extents, require businesses to comply with verifiable consumer requests to object to, or opt out of, certain activities, such as sale or targeted advertising. In addition, however, CPRA and other upcoming consumer privacy laws are increasingly contemplating the development of “global privacy controls.” Instead of requiring consumers to submit a request to opt-out from each specific company, global privacy controls include mechanisms by which a consumer can use an intermediary (e.g. browser, plug-in, or device setting) to universally or “globally” communicate that person’s choice to opt-out of certain processing activities to all companies with whom the consumer interacts.

How do these kinds of global opt-out signals work in practice, and what could they look like in the future? This session will provide a lawyer-friendly explanation of how such signals work, summarize what website operators should know in order to implement these technologies, and explore other technical and design issues related to their development in practice.

We are pleased to be joined by guest experts:

Dr. Rob van Eijk (EU Managing Director, Future of Privacy Forum) – Dr. van Eijk holds a Ph.D. in programmatic advertising from Leiden University, and served as a Senior Technologist with the Dutch Data Protection Authority for nearly ten years, prior to joining Future of Privacy Forum as its EU Managing Director. In this role, he represented the Dutch DPA and European Data Protection Authorities in the multi-stakeholder negotiations of the World Wide Web Consortium on Do Not Track. Read his full bio here.

Tanvi Vyas (Principal Engineer, Mozilla) – Tanvi Vyas is a Principal Engineer at Mozilla where she is advocating for a more private web for all users. She leads the vision and development of privacy features in Firefox, including Enhanced Tracking Protection and Firefox Containers, an identity segregation system. Tanvi is also the co-chair of the W3C Privacy Community Group, which is a cross-industry organization that develops privacy-focused web standards and APIs.

Download the Slides | Watch the Recording

Speakers

Tanvi Vyas

Principal Engineer, Mozilla

Tanvi Vyas is a Principal Engineer at Mozilla where she is advocating for a more private web for all users. She leads the vision and development of privacy features in Firefox. Most notably, she drove the effort to design and release Enhanced Tracking Protection to all Firefox users, mitigating the threat of cross-site tracking. She created the concept behind Firefox Containers, an identity segregation system that allows users to separate their online personas. She also led a team to ship Facebook Container, an extension that protects users from Facebook tracking. Tanvi is a member of the Firefox Senior Leadership team, where she focuses on the growth and maturity of the engineering organization.

Tanvi is the co-founder and co-chair of the W3C Privacy Community Group, which is a global cross-industry organization that develops privacy-focused web standards and APIs. Before immersing herself in privacy, Tanvi focused on web application security as a Firefox engineer and as a Paranoid at Yahoo. She has a masters degree from Stanford University, where she did research on Elliptic Curve Cryptography with Dan Boneh. She did her undergraduate studies at UCLA, where she obtained a double major in Mathematics and Business Economics.

Rob van Eijk

Managing Director, Europe, Future of Privacy Forum

Dr. Rob van Eijk serves as the Future of Privacy Forum’s Managing Director for Europe. In this role, van Eijk implements FPF’s agenda in Europe, overseeing its day-to-day operations, and managing relationships with stakeholders in the industry, government, academia, and civil society. Van Eijk is a technologist with an M.Sc. from the Leiden Institute of Advanced Computer Science, Leiden University, and a Ph.D. from Leiden Law School, Leiden University, focusing on online advertising (real-time bidding).

Prior to serving in this position, van Eijk worked at the Dutch Data Protection Authority (DPA) as Senior Supervision Officer and Technologist for nearly 10 years. He represented the Dutch DPA in international meetings such as the Technology Expert group of the European Data Protection Board (EDPB) and as a technical expert in court. He also represented the European Data Protection Authorities, assembled as the Article 29 Working Party, in the multi-stakeholder negotiations of the World Wide Web Consortium on Do Not Track.

Learn more about Rob’s work by reading Rob van Eijk Discusses Trends in European Privacy Discussions.