Search results

[…] chain cybersecurity attacks have become one of the most significant risks to national and organizational security. The 2020 SolarWinds breach demonstrated how integrated environments built on shared code, automated updates, and implicit trust in upstream vendors can allow a single vendor breach to cascade across agencies and enterprises. That incident granted foreign adversaries unauthorized […]

[…] typical state frameworks: a federal data broker registry, classification of all teens’ data (ages 13-16) as sensitive data with parental controls, application to common carriers, and a Code of Conduct certification process (modeled on COPPA safe harbor), providing a rebuttable presumption of compliance. The bill would recognize Global Cross-Border Privacy Rules (CBPR) as an […]

[…] provides: “This act shall not apply to any of the following: . . . A business, including an organization cooperatively organized under Chapter 6 of Title 37, Code of Alabama 1975, or an entity that is an instrumentality of a municipal corporation, with fewer than 500 employees, provided the business does not engage in […]

[…] that protected children online, including the Kids Online Safety and Privacy Act (KOSPA), Children and Teens Online Privacy Protection Act (“COPPA 2.0”), and the California Age-Appropriate Design Code Act (AADC). With the increased number of enacted and evolving legislation, FPF’s work included a breakdown of bills related to children’s online safety, including the status […]

[…] 17 They could also infer the maximum price a customer is willing to pay and charge them that amount, based on information such as spending habits, ZIP code , or the device used to make the purchase. 18 Distinguishing between legitimate and illegitimate uses of data is a major challenge fo r consumers, who […]

[…] concerns vulnerable people based on their socio-economic situation, an example mentioned is an AI-predictive algorithm that could be used to target people who live in low-income post- codes with advertisements for predatory financial products.  3.2. For the Article 5(1)(b) prohibition to apply, AI practices have to materially distort behavior and be reasonably likely to […]

In a new Q&A, our Vice President for U.S. Policy, Matthew Reisman, takes a deeper look at the privacy landscape, particularly his interests in the space, what to look forward to in the U.S. and AI sector, and what is key for stakeholders to pay attention to. What brought you into the privacy and data […]

South Carolina Governor McMaster signed HB 3431, an Age-Appropriate Design Code (AADC) -style law, on February 5, adding to the growing list of new, bipartisan state frameworks fortifying online protections for minors. Although HB 3431 is dubbed an AADC, its divergence from past models and unique blend of requirements that draw upon a variety of […]

South Carolina Governor McMaster signed HB 3431, an Age-Appropriate Design Code (AADC) -style law, on February 5, adding to the growing list of new, bipartisan state frameworks fortifying online protections for minors. Although HB 3431 is dubbed an AADC, its divergence from past models and unique blend of requirements that draw upon a variety […]

[…] pre-GDPR days, when some data protection authorities were indeed applying a relative approach in their regulatory activity.  The new definition technically adds that the holder of key- coded data or other information about an identifiable person, which does not have means reasonably likely to be used to identify that person, does not process personal […]