Search results

[…] The Hill and Lawfare editorials respectively. In addition to federal privacy legislation, 2022 also saw the introduction of consumer privacy laws in Utah and Connecticut, joining California, Virginia, and Colorado. Last month, FPF urged the Federal Trade Commission to prioritize practical rules that clearly define individuals’ rights and companies’ responsibilities in our filed comments […]

[…] because the regulation of data privacy and security is a “major question” best served through Congress. These comments focused on the Supreme Court’s 2022 ruling in West Virginia v. EPA, holding that regulatory agencies, absent clear congressional authorization, cannot issue rules on major questions that affect a large portion of the American economy. Several […]

[…] remarks on state-level legislation focusing on the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), adding that Colorado, Connecticut, Utah, and Virginia have similar laws. She elaborated on the CPRA’s contractual language, comparing California’s categorization of “Businesses,” “Contractors,” “Third Parties,” and “Service Providers” to the GDPR’s distinction between […]

[…] Rights Act (CPRA) ballot initiative expanded California’s privacy regime, establishing heightened protections for certain sensitive personal information and providing a right to correct inaccurate data. In 2021, Virginia (VCDPA) and Colorado (CPA) enacted laws that are notable for creating ‘opt-in’ affirmative consent requirements in addition to California-style ‘opt-out’ privacy rights. Finally, in 2022, Connecticut […]

The Future of Privacy Forum (FPF) today released a new policy brief comparing the California Age-Appropriate Design Code Act (AADC), a first-of-its-kind privacy-by-design law in the United States, and the United Kingdom’s Age-Appropriate Design Code. While there are distinctions between the two codes, the California AADC, which is set to become enforceable on July […]

[…] Utah and a Master’s in Education from the University of Pittsburgh.  Learn more about David in the Q&A below. You started out as a teacher–how did you get involved in student privacy? I was in the right place at the right time. I worked for the Utah State Board of Education as the assessment […]

[…] (Art 5)  This right expresses the ‘principle of transparency’ found under Article 16(2)(a); The right to access and obtain a copy of the data subject’s personal data free of charge, except for certain conditions that require a fee. (Art 7);  A right to rectification in which the data subject may complete, update, or correct […]

[…] Education team is pleased to publish a new policy brief that builds on this first brief by providing a comparative analysis of the United Kingdom’s Age Appropriate Design Code (UK AADC) to the California AADC, which was modeled after the UK AADC. Learn more and download the UK and CA AADC Comparative policy brief here.  New report […]

[…] Bill) and its withdrawal. We tease apart the reasons and realpolitik behind the withdrawal and consider what lies ahead for data protection in India. How did we get here? The PDP Bill was not the first time that attempts had been made to create a comprehensive national privacy legislation for India. A decade ago, […]

[…] of the SFRP system. The court found it unreasonable that seventeen unidentifiable “admin” users had unrestricted access to the sensitive information of millions of individuals, while also free to manipulate and/or erase data without any meaningful transparency or accountability mechanisms in place. The court determined that at least 356 search records for individuals whose […]