Resources

Since the California Consumer Privacy Act (CCPA) was enacted in 2018, business obligations under the law have continued to evolve due to several rounds of rulemaking by both the Attorney General and the California Privacy Protection Agency (CPPA). The latest regulations from the CPPA are some of the most significant yet. Starting January 1, 2026, […]

Conversational AI technologies are hyper-personalizing. Across sectors, companies are focused on offering personalized experiences that are tailored to users’ preferences, behaviors, and virtual and physical environments. These range from general purpose LLMs, to the rapidly growing market for LLM-powered AI companions, educational aides, and corporate assistants. There are clear trends among this overall focus: towards […]

On July 17, 2025, the Future of Privacy Forum (FPF) hosted the second in a series of Technologist Roundtables with the goal of convening an open dialogue on complex technical questions that impact law and policy, and assisting global data protection and privacy policymakers in understanding the relevant technical basics of large language models (LLMs). […]

On April 25, 2025, the Future of Privacy Forum and the Mozilla Foundation co-hosted a Privacy Enhancing Technologies (PETs) Workshop in Washington, DC, convening industry, academia, and civil society experts to explore practical applications of PETs. The workshop featured two leading-edge use cases: Mastercard’s cross-border fraud detection system using Fully Homomorphic Encryption (FHE), and Oblivious’s […]

In this use case, Oblivious partnered with an insurance company to tackle a common tension between data privacy and utility: how to retain meaningful insights from personal data while complying with legal requirements to delete it. By applying Differential Privacy, the organization can preserve actuarial insights without violating global privacy laws, generating differentially private statistical […]

Mastercard’s use of Fully Homomorphic Encryption (FHE) demonstrates how Privacy Enhancing Technologies (PETs) can support fraud detection across borders without compromising sensitive data. In this use case, Mastercard collaborated with Singapore’s Infocomm Media Development Authority to pilot a system that allows encrypted International Bank Account Numbers (IBANs) to be checked for fraud risk without revealing […]

Data-driven pricing: A set of practices that use personal and/or non-personal data to routinely inform decisions about the prices and products offered to consumers, often for the purpose of price personalization. State lawmakers in the U.S. are seeking to regulate various pricing strategies that fall under the umbrella of data-driven pricing, following the release in […]

Cross-border data flows are critical to Africa’s digital economy, enabling trade, innovation, and access to continental and global markets. As the drive towards data-driven technologies among businesses and governments grows, the ability to transfer personal data across borders efficiently and securely has become a key policy concern on the continent, a position echoed by the […]

On March 4, 2025, Senator Markey reintroduced the Children and Teens’ Online Privacy Protection Act (COPPA 2.0), which was referred to the Committee on Commerce, Science, and Transportation for consideration. COPPA 2.0 would amend the Children’s Online Privacy Protection Act (COPPA), initially passed in 1998 to provide protections for teens. On June 25, 2025, the […]

We are now in 2025, the year of AI agents. Leading large language model (LLM) developers (including OpenAI, Google, Anthropic) have released early versions of technologies described as “AI agents.” Unlike earlier automated systems and even LLMs, these systems go beyond previous technology by having autonomy over how to achieve complex, multi-step tasks, such as […]