Search results

ANATOMY OF A STATE COMPREHENSIVE PRIVACY LAW Charting the Legislative Landscape DECEMBER 2025 The Future of Privacy Forum (FPF) is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies. Learn more about FPF by visiting fpf.org. Jordan Francis Senior Policy Counsel, Future […]

[…] H ow eve r, ob sta cle s re m ain , in clu d in g th e la ck of open perm is sio n APIs an d in co nsis te nt r e g ula to ry fr a m ew ork s. S ad eh’s ke y messa g […]

[…] H ow eve r, ob sta cle s re m ain , in clu d in g th e la ck of open perm is sio n APIs an d in co nsis te nt r e g ula to ry fr a m ew ork s. S ad eh’s ke y messa g […]

[…] app roved by the Commission upon making a determination that the guidelines meet the requirements of the regulations issued under section 6502 of this title. (3) E XPEDITED RESPONSE TO REQUESTS The Commission shall act upon requests for safe harbor treatment within 180 days of the filing of the request, and shall set forth […]

[…] that organizations possess in order to ensure that “meaningful oversight” is actually occurring, including: Clarifying the “intention” and value of oversight Training Designing the oversight process Escalation Documentation Assessments Evaluation and testing of the process Evaluation of outcomes  Overall, the resolution notes that human oversight mechanisms are the responsibility of developers and deployers, and […]

[…] third party . The CFPB should carefully consider the feedback it receives on this qu estion from industry , including how changes to the rule could impact API adoption . 4 III. Data Security The importance of data security in open banking cannot be over -stated. Consumer data that is access ed , whether […]

Comparison Chart: Risk Assessment (DPIA) Requirements in California, Colorado, and the EU California Colorado EU FPF Analysis: CA v. CO References California Consumer Privacy Act (CCPA) Cal. Civ. Code § 1798.185, subd. (a)(15) Colorado Privacy Act (CPA) Colo. Rev. Stat. § 6-1-1309 General Data Protection Regulation (GDPR) Article 35 This comparison chart focuses on the […]

[…] Framework: Large frontier developers must publish an annual Frontier AI framework describing how catastrophic risks are identified, mitigated, and governed.  Among other items, the framework must include documentation of governance structures, mitigation processes, cybersecurity practices, and a developer’s alignment with national/international standards. The framework must also assess catastrophic risk from internal use of models, […]

THE STATE OF STATE AI Legislative Approaches to AI in 2025 OCTOBER 2025 • SUPPLEMENTAL The Future of Privacy Forum (FPF) is a non-profit organization that serves as a catalyst for privacy leadership and scholarship, advancing principled data practices in support of emerging technologies. Learn more about FPF by visiting fpf.org . Justine Gluck Policy […]

[…] for providers to carefully track how AI is deployed in clinical settings and ensure consent is obtained w henever required. While the statute does not mandate formal documentation practices, providers will likely need to maintain records of consent and AI use as a practical safeguard against enforcement risk. Additionally, the law’s general prohibition against […]