When is a Biometric No Longer a Biometric?
In October 2021, the White House Office of Science and Technology (OSTP) published a Request for Information (RFI) regarding uses, harms, and recommendations for biometric technologies. Over 130 entities responded to the RFI, including advocacy organizations, scientists, experts in healthcare, lawyers, and technology companies. While most commenters agreed on core concepts of biometric technologies used […]
Diverging fining policies of European DPAs: is there room for coherent enforcement of the GDPR?
The European Union’s (EU) General Data Protection Regulation (GDPR) puts forward a non-exhaustive list of criteria in Article 83 that Data Protection Authorities (DPAs) need to consider when deciding whether to impose administrative fines and in determining their amount in specific cases. Notoriously, the ceiling for administrative fines put forward by the GDPR is high […]
Party of Five: Connecticut Poised to Pass Fifth U.S. State Privacy Law, Improving Upon Virginia, Colorado
This week, the Connecticut legislature passed Senate Bill 6, an ‘Act Concerning Personal Data Privacy and Online Monitoring.’ If SB 6 is enacted by Governor Lamont, Connecticut will follow California, Virginia, Colorado, and Utah as the fifth U.S. state to adopt a baseline regime for the governance of personal data. The law would come into […]
What the Biden Executive Order on Digital Assets Means for Privacy
Author: Dale Rappaneau Dale Rappaneau is a policy intern at the Future of Privacy Forum and a 3L at the University of Maine School of Law. On March 9, the Biden Administration issued an Executive Order on “Ensuring Responsible Developments of Digital Assets” (“the Order”), published together with an explanatory Fact Sheet. The Order states […]
Comparative Look at Models of Data Protection – Series of Webinars Led by the Israel Tech Policy Institute (ITPI)
Authors: Kavisha Patel and Lee Matheson Kavisha Patel is a current student at Georgetown Law and an FPF Global Privacy Intern. As a result of Israel’s recently proposed comprehensive privacy law update, the Protection of Privacy Bill, the Israel Tech Policy Institute led a series of three webinars in February 2022 discussing comparative models of […]
FPF at the 2022 IAPP Global Privacy Summit
Last week, IAPP held its first in-person annual Global Privacy Summit in Washington, DC since 2019! Through expert panels and our expo booth, FPF remained active during this two-day conference, with our CEO Jules Polonetsky holding a conversation with FTC Commissioner Noah Phillips, our data privacy experts speaking and providing their expert analysis at the […]
The ebb and flow of trans-Atlantic data transfers: It’s the geopolitics, stupid!*
The following is a guest post to the FPF blog from Lokke Moerel, Professor of Global ICT Law at Tilburg University and a Dutch Cyber Security Council member. Guest blog posts do not necessarily reflect the views of FPF. 1. Introduction There is a call for a rational debate on trans-Atlantic data transfers. Frustrations increase […]
Reading the Signs: the Political Agreement on the New Transatlantic Data Privacy Framework
The President of the United States, Joe Biden, and the President of the European Commission, Ursula von der Leyen, announced last Friday, in Brussels, a political agreement on a new Transatlantic framework to replace the Privacy Shield. This is a significant escalation of the topic within Transatlantic affairs, compared to the 2016 announcement of a […]
Measuring Privacy Programs
The risks of falling short on privacy compliance are greater than they have ever been. New laws are going into effect around the world and in the states, enforcement agencies are exercising their authority and media organizations have teams devoted to identifying data protection failures. Legal judgments can run into the billions. And most important, […]
FTC Requires Algorithmic Disgorgement as a COPPA Remedy for First Time
On March 4, the Federal Trade Commission (FTC) and Department of Justice (DOJ) announced a settlement agreement with WW International and its subsidiary, Kurbo (Kurbo by WW), after charging the companies with violating the Children’s Online Privacy Protection Act (COPPA) for improperly collecting health information and other data from children as young as eight years […]