A Price to Pay: U.S. Lawmaker Efforts to Regulate Algorithmic and Data-Driven Pricing
“Algorithmic pricing,” “surveillance pricing,” “dynamic pricing”: in states across the U.S., lawmakers are introducing legislation to regulate a range of practices that use large amounts of data and algorithms to routinely inform decisions about the prices and products offered to consumers. These bills—targeting what this analysis collectively calls “data-driven pricing”—follow the Federal Trade Commission (FTC)’s […]
FPF at PDP Week 2025: Generative AI, Digital Trust, and the Future of Cross-Border Data Transfers in APAC
Authors: Darren Ang Wei Cheng and James Jerin Akash (FPF APAC Interns) From July 7 to 10, 2025, the Future of Privacy Forum (FPF)’s Asia-Pacific (APAC) office was actively engaged in Singapore’s Personal Data Protection Week 2025 (PDP Week) – a week of events hosted by the Personal Data Protection Commission of Singapore (PDPC) at […]
The Curse of Dimensionality: De-identification Challenges in the Sharing of Highly Dimensional Datasets
The 2006 release by AOL of search queries linked to individual users and the re-identification of some of those users is one of the best known privacy disasters in internet history. Less well known is that AOL had released the data to meet intense demand from academic researchers who saw this valuable data set as essential […]
FPF Submits Comments to Inform New York Children’s Privacy Rulemaking Processes
At the end of the 2024 legislative session, New York State passed a pair of bills aimed at creating heightened protections for children and teens online. One, the New York Child Data Protection Act (NYCDPA), applies to a broad range of online services that are “primarily directed to children.” The NYCDPA creates novel substantive data […]
Beth Do
EU’s Digital Services Act Just Became Applicable: Outlining Ten Key Areas of Interplay with the GDPR
DSA: What’s in a Name? The European Union’s (EU) Digital Services Act (DSA) is a first-of-its-kind regulatory framework, with which the bloc hopes to set an international benchmark for regulating online intermediaries and improving online safety. The DSA establishes a range of legal obligations, from content removal requirements, prohibitions to engage in manipulative design and […]
Introduction to the Conformity Assessment under the draft EU AI Act, and how it compares to DPIAs
The proposed Regulation on Artificial Intelligence (‘proposed AIA’ or ‘the Proposal’) put forward by the European Commission is the first initiative towards a comprehensive legal framework on AI in the world. It aims to set rules on specific AI applications in certain contexts and does not intend to regulate AI technology in general. The proposed […]
Jordan Wrigley
BCIs & Data Protection in Healthcare: Data Flows, Risks, and Regulations
This post is the second in a four-part series on Brain-Computer Interfaces (BCIs), providing an overview of the technology, use cases, privacy risks, and proposed recommendations for promoting privacy and mitigating risks associated with BCIs. Click here for FPF and IBM’s full report: Privacy and the Connected Mind. In case you missed it, read the […]