Resources

With the close of Utah’s short legislative session, the Beehive State is once again an early mover in U.S. tech policy. In March, Governor Cox signed several bills related to the governance of generative Artificial Intelligence systems into law. Among them, SB 332 and SB 226 amend Utah’s 2024 Artificial Intelligence Policy Act (AIPA) while HB 452 establishes new regulations for […]

On March 14, the Future of Privacy Forum (FPF), submitted comments in response to the Request for Information on the Development of an Artificial Intelligence (AI) Action Plan published in the Federal Register on February 6, 2025. FPF is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data […]

On February 19, the Future of Privacy Forum (FPF) submitted comments to the California Privacy Protection Agency (CPPA) concerning draft regulations governing cybersecurity audits, risk assessments, automated decisionmaking technology (ADMT) access and opt-out rights under the California Consumer Privacy Act. We offer consideration and recommendations intended to strengthen the proposed regulations by reducing ambiguity and […]

The New York legislature passed S929, the New York Health Information Privacy Act (NYHIPA), on January 22. This bill has similar scope and scale as Washington State’s landmark My Health My Data Act (MHMD), with some key differences. The Future of Privacy Forum (FPF) submitted a letter to Governor Hochul’s office, highlighting certain ambiguities in […]

Hundreds of state AI bills have been introduced, but which are the ones to follow? How do the leading bills differ and what are the key areas of debate? How are state legislators thinking about U.S. AI leadership and how do they want to advance both benefits and safeguards? What role does FPF’s Multistate AI […]

On January 18, 2025, the Federal Trade Commission (FTC) finalized its review of the COPPA Rule. Following the FTC’s notice of proposed rulemaking issued in January 2024, this announcement is the latest in a multi-year review of the COPPA Rule, which was last updated in 2013 and which the FTC began reviewing potential updates to […]

The Future of Privacy Forum (FPF) launched a new report—Anatomy of State Comprehensive Privacy Law: Surveying the State Privacy Law Landscape and Recent Legislative Trends. By distilling this broad landscape to identify the “anatomy” of state comprehensive privacy law, this report highlights the strong commonalities and the nuanced differences between the various laws, showing how […]

Increasingly, organizations that handle personal data need privacy and cybersecurity teams to collaborate. Collaborative projects often involve shared questions regarding technologies, business practices, and legal compliance.  FPF’s Expert Group on Privacy and Cybersecurity has launched a new project to better understand these trends. As an initial step, we surveyed privacy and cybersecurity experts across organizations […]

As the D.C. Council considers the important issue of safeguarding health data, FPF writes with feedback on the role of consent in the Consumer Health Information Privacy Protection Act of 2024 (“CHIPPA”). We commend the D.C. Council’s efforts to advance individual health data privacy rights and protections. CHIPPA is closely modeled on Washington State’s My […]

The Multistate AI Policymaker Working Group (MAP-WG) is a bipartisan assembly of over 200 state lawmakers from more than 45 states, brought together by the Future of Privacy Forum. The Group’s primary aim is to foster a shared understanding of emerging technologies and related policy issues. FPF convenes and provides an administrative platform for the […]