Across the United States, evolving data collection and processing practices are driving digital services and socially beneficial research, but also pose increasing risks to individuals and communities that America’s existing sectoral privacy frameworks are insufficient to govern. In response, leaders in law and policy are considering more comprehensive approaches to privacy regulation, which establish baseline rights and protections for personal data throughout the economy. Years of negotiations in Congress culminated in the introduction of the bipartisan American Data Privacy and Protection Act in 2022; however, its fate remains uncertain. In the absence of federal legislation, five U.S. states—California, Virginia, Colorado, Utah, and Connecticut— enacted comprehensive consumer privacy laws between 2018-2022.
The Future of Privacy Forum provides expert, independent analysis of legislative and regulatory approaches to protecting data privacy interests. FPF does not typically support or oppose particular bills, but instead focuses on analyzing proposals in relation to existing privacy frameworks, sharing information on current data practices and technologies, and ensuring that data governance strategies are future-looking and adaptable.
FPF also engages with the broader privacy community through reports, blog posts, webinars, and educational programs such as the CPRA Law + Tech Series. It is our view that robust and durable policy outcomes can be achieved when all stakeholders are equipped to understand the key technologies, business practices, and legal mechanisms available to regulate privacy and data protection. FPF’s legislation work is led by Keir Lamont, Senior Director.
FPF Files COPPA Comments with the Federal Trade Commission
Today, the Future of Privacy Forum (FPF) filed comments with the Federal Trade Commission (Commission) in response to its request for comment on the Children’s Online Privacy Protection Act (COPPA) proposed rule. Read our comments in full. As technology evolves, so must the regulations designed to protect children online, and FPF commends the Commission’s efforts […]
Little New About Hampshire
On March 6, 2024, Governor Sununu signed SB 255 into law, making New Hampshire the fourteenth U.S. State to adopt a comprehensive privacy law to govern the collection, use, and transfer of personal data. SB 255 is the second comprehensive privacy law enacted in 2024, the first having been New Jersey’s S332, which was also […]
FPF Statement on President Biden’s 2024 State of the Union Address
“At this critical moment in time, the U.S. is positioned to demonstrate leadership to develop and regulate emerging technologies such as AI. These tools, while incredibly advantageous when deployed responsibly, also carry tremendous potential to cause harm. We commend the Biden administration for recognizing the multifaceted challenges and opportunities presented by AI technologies. We’re also […]
The DNA of Genetic Privacy Legislation: Montana, Tennessee, Texas, and Virginia Enter 2024 with New Genetic Privacy Laws Incorporating FPF’s Best Practices
In 2023, four states enacted new genetic privacy laws regulating direct-to-consumer genetic testing companies. This blog post provides details on what these new laws cover and how they compare to FPF’s widely-adopted Best Practices for Consumer Genetic Testing Services. Genetic privacy has been under increasing scrutiny at the state and federal levels, and regulators are […]
Colorado’s Approval of Global Privacy Control: Implications for Advertisers and Publishers
The privacy laws of both Colorado and California require organizations to recognize Universal Opt-Out Mechanisms (UOOMs), a tool through which a person can invoke their opt out rights broadly across all the websites they visit. While California has required responding to certain UOOMs since July 2021, the Colorado Attorney General has only recently approved their […]
The Garden State Joins the Comprehensive Privacy Grove
On January 16, 2024, Governor Murphy signed S332 into law, making New Jersey the thirteenth U.S. State to adopt a comprehensive privacy law to govern the collection, use, and transfer of personal data. S332 endured a long and circuitous route to enactment, having been introduced in January 2022 and amended six times before being passed […]
This Year’s Must-Read Privacy Papers to be Honored at Washington, D.C. Event
The Future of Privacy Forum’s 14th Annual Privacy Papers for Policymakers Award Recognizes Influential Privacy Research Today, the Future of Privacy Forum (FPF) — a global non-profit focused on data protection headquartered in Washington, D.C. — announced the winners of its 14th annual Privacy Papers for Policymakers (PPPM) Awards. The PPPM Awards recognize leading U.S. […]
FPF Files Comments with the Consumer Financial Protection Bureau Regarding Personal Financial Data Rights
On December 21st, 2023, the Future of Privacy Forum filed comments with the Consumer Financial Protection Bureau (CFPB) in response to the notice of proposed rulemaking (NPRM) regarding personal financial data rights. FPF’s comments focus on promoting privacy as a core tenet in the U.S. open banking ecosystem in order to protect individuals’ personal information […]
Five Big Questions (and Zero Predictions) for the U.S. State Privacy Landscape in 2024
Entering 2024, the United States now stands alone as the sole G20 nation without a comprehensive, national framework governing the collection and use of personal data. With bipartisan efforts to enact federal privacy legislation once again languishing in Congress, state-level activity on privacy dramatically accelerated in 2023. As the dust from this year settles, we […]
A Blueprint for the Future: White House and States Issue Guidelines on AI and Generative AI
Since July 2023, eight U.S. states (California, Kansas, New Jersey, Oklahoma, Oregon, Pennsylvania, Virginia, and Wisconsin) and the White House have published executive orders (EOs) to support the responsible and ethical use of artificial intelligence (AI) systems, including generative AI. In response to the evolving AI landscape, these directives signal a growing recognition of the […]