Search results

[…] Article 1 of the LGPD identifies the objective of the law as ensuring the processing of personal data protects the fundamental rights of freedom, privacy, and the free development of personality.3 At the same time, Article 2 of the LGPD recognizes data protection is “grounded” on economic and technological development and innovation.  The study […]

[…] tha t outlin e s cro ss-b ord er data tr a n sfe r p ro vis io ns acro ss Kenya , Nig eria , South Afr ic a , Rw an d a, an d Iv o ry Coast. I S SU E BRIE F: G LO BA L T a […]

[…] and implementation of mechanisms such as adequacy decisions, certification mechanisms, standard contractual clauses (SCCs), and binding corporate rules (BCRs) and derogations, currently in use across Kenya, Nigeria, South Africa, Rwanda, and Ivory Coast. This comparative analysis highlights that the practical implementation of transfer tools remains uneven across the continent, and many countries lack clear […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common goal: crafting a design […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common […]

[…] alignment between data protection regulators, with the G7 Data Protection Authorities and Privacy Commissioners’ Summit in Tokyo. This resulted in a communiqué outlining their focus on Data Free Flow with Trust (DFFT), emerging technologies, and enforcement cooperation. FPF’s Global team circled the globe, hosting and speaking at leading events this year, including the Global […]

[…] Benifei (Member of European Parliament, co-Rapporteur of the AI Act), John Edwards (Information Commissioner, U.K. Information Commissioner’s Office), and Louisa Specht-Riemenschneider (Federal Commissioner for Data Protection and Freedom of Information, Germany), on Cross-regulatory Cooperation Between Digital Regulators.  Their panel began by painting a detailed portrait of how the proliferation of digital regulations has created […]

[…] lowest numerical applicability thresholds of any of the state comprehensive privacy laws when the law was enacted in 2023. At that time, prior comprehensive privacy laws in Virginia, Colorado, Utah, Connecticut, Iowa, and Indiana all applied to controllers that either (1) control or process the personal data of at least 100,000 consumers (“the general […]

[…] contract performance, bringing Indonesia closer to global privacy frameworks. In November 2023, the Philippines‘ National Privacy Commission issued a Circular on Consent, clarifying valid consent standards and promoting transparency. The guidance aims to reduce consent fatigue by encouraging layered, contextual consent interfaces and outlines when consent may not be strictly necessary. South Korea amended […]

[…] the advancement of science and healthcare improvements which are accomplished with de-identified data. Properly implemented de-identification complying with the HIPAA de-identification provisions goes a long way toward promoting such a reasonable balance, but I would suggest that there is still room for further improvements in this regard. Where Should We Go From Here? Perhaps […]