Search results

[…] Article 1 of the LGPD identifies the objective of the law as ensuring the processing of personal data protects the fundamental rights of freedom, privacy, and the free development of personality.3 At the same time, Article 2 of the LGPD recognizes data protection is “grounded” on economic and technological development and innovation.  The study […]

[…] to them upon request. The CFPB undertook a lengthy and extended process to issue these rules, and engaged with numerous stakeholders and closely monitored market developments to promote consumer interests, innovation, and competition. Ms. Strickland’s testimony lists a number of valuable aspects to the rule, including its treatment of consumer controls, screen scraping, security […]

[…] at Fortune 20 companies in many verticals, including government, retail, healthcare, an d finance. At the USPS, I served as the first CPO, and managed Privacy Act, Freedom of Information Act, and records functions, as well as new areas (at the time) relating to internet privacy. At Walmart, I managed global privacy and records, […]

Today, the Future of Privacy Forum (FPF) published a new paper—Data Minimization’s Substantive Turn: Key Questions & Operational Challenges Posed by New State Privacy Legislation. Data minimization is a bedrock principle of privacy and data protection law, with origins in the Fair Information Practice Principles (FIPPs) and the Privacy Act of 1974. At […]

Today, the Future of Privacy Forum (FPF) published a new paper—Data Minimization’s Substantive Turn: Key Questions & Operational Challenges Posed by New State Privacy Legislation. Data minimization is a bedrock principle of privacy and data protection law, with origins in the Fair Information Practice Principles (FIPPs) and the Privacy Act of 1974. At […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common goal: crafting a design […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common […]

[…] alignment between data protection regulators, with the G7 Data Protection Authorities and Privacy Commissioners’ Summit in Tokyo. This resulted in a communiqué outlining their focus on Data Free Flow with Trust (DFFT), emerging technologies, and enforcement cooperation. FPF’s Global team circled the globe, hosting and speaking at leading events this year, including the Global […]

[…] impact on, a minor; (b) financial, physical, or reputational injury; (c) unauthorized disclosure of personal data as a result of a security breach (as described in Mont. Code Ann. § 30-14-1704); or (d) intrusion upon the solitude or seclusion or private affairs or concerns of a minor, whether physical or otherwise, that would be offensive […]

[…] the advancement of science and healthcare improvements which are accomplished with de-identified data. Properly implemented de-identification complying with the HIPAA de-identification provisions goes a long way toward promoting such a reasonable balance, but I would suggest that there is still room for further improvements in this regard. Where Should We Go From Here? Perhaps […]