Search results

[…] from FPF experts about responsibilities when engaging service providers, the role of technical and organizational measures, and Article 25’s intersection with AI and privacy enhancing technologies. Register today! If the above conditions are met, the IoT device embeds a high-risk AI system and thus both assessments (under the AI Act and the Standard) are […]

[…] appear similar to the EU’s “legitimate interests,” but whose scope still remains uncertain. The PDP Bill would have required consent for processing of personal data to be free, informed, specific, clear, and capable of being withdrawn. For consent to qualify as “informed” under the PDP Bill, the data controller would have to provide certain […]

[…] 43). They relate to: a) The quality of data sets used to train, validate and test the AI systems; the data sets have to be ‘relevant, representative, free of errors and complete’, as well as having ‘the appropriate statistical properties (…) as regards the persons or groups of persons on which the high-risk AI […]

[…] cases and scale of data transfers. Yeong stressed that global stakeholders need to reset the conversation around data flows in a way that respects different cultures and promotes global consensus around key issues like supervisory and law enforcement access to data. This resonated with Tobias Judin who said that the EU can continue to […]

Today, the Future of Privacy Forum (FPF) and the Asian Business Law Institute (ABLI), as part of their ongoing joint research project: “From Consent-Centric Data Protection Frameworks to Responsible Data Practices and Privacy Accountability in Asia Pacific,” are publishing the tenth in a series of detailed jurisdiction reports on the status of “consent” […]

[…] secrecy claims are not able to prevent individuals from effectively exercising their privacy rights. Panelists discussed issues such as the necessity of disclosing application or software source code when providing “explainability” of decision-making to data subjects, and debated the level of detail necessary in disclosures required under transparency obligations. Ms. Demetzou focused on how […]

[…] subject to narrow exceptions, such as requests from state authorities or necessity for medical care. Generally, under Vietnamese law, consent for processing of personal information must be freely given. Prevailing laws generally require entities that handle personal data to inform the data subject of the scope and purpose for collection and use of the […]

[…] the disclosure of personal data held by certain regulated entities (e.g., providers of financial services, medical practitioners), the PDP Commissioner has approved and registered seven Personal Data Codes of Practice, which provide more detailed requirements for entities in certain sectors to comply with the PDPA. These sectors include: insurance and takaful;  banking and finance;  […]

Today, The Hill published an op-ed from the Future of Privacy Forum’s (FPF) Senior Policy Counsel for Data, Decision Making, and Artificial Intelligence Bertram Lee. The piece highlighted that privacy, particularly in the context of digital services, electronic data flows, and personal data, is a civil right. Yesterday, the House Energy and Commerce […]

Introduction Today, the Future of Privacy Forum (FPF) and Asian Business Law Institute (ABLI), as part of their ongoing joint research project: “From Consent-Centric Data Protection Frameworks to Responsible Data Practices and Privacy Accountability in Asia Pacific,” are publishing the seventh in a series of detailed jurisdiction reports on the status of “consent” and […]