Search results

[…] for a digital age 75 (and those of millions of other Europeans) to the United States. After crowdfunding his campaign, he succeeded in challenging Facebook through the Irish authorities and eventually the European Court of Justice. Max epitomises citizen lobbying. He occupied the space left vacant by regulators, enforcers and civil society organisations. We […]

[…] since 2008, requested the company to provide him with a copy of all the data it holds about himself. Later on, he filed a complaint with the Irish Data Protection Commissioner (“DPC”) in which he asked the DPC to exercise its power by prohibiting Facebook Ireland to transfer his personal data to the US.6 […]

[…] corporation InterContinental Hotels Group, British hotel company Telefónica, Spanish mobile network provider Mind Candy Inc., British children’s app developer and creator of mobile game “Moshi Monsters” Ingersoll-Rand, Irish global diversified industrial company Dassault, major French manufacturer and software developer Vodafone, major British telecommunications company   These and other participating European companies depend on the […]

[…] OF COMMERCE , U.S. -EU SAFE HARBOR FRAMEWORK : GUIDE TO SELF -CERTIFICATION 11 (2009), http://www.trade.gov/publications/pdfs/safeharbor -selfcert2009.pdf . See also Letter from Ciara O’Sullivan, Senior Compliance Officer, Irish Data Protection Authority, to Europe -v-facebook.org (July 23, 2013), available at http://www.e urope -v-facebook.org/Response_23_7_2013.pdf (Irish DPA relying on the national security exception in the Safe Harbor […]

[…] Third, the Proposed Regulation incorporates a number of privacy  policy innovations, some of which have roots outside of the EU.  In  1995, the Directive had demonstrated a willingness to absorb policy  innovations made within the EU.  The Proposed Regulation proves  similarly willing to absorb recent information privacy policy innova- tions, whether from EU member states or elsewhere.  By incorporating  these innovations, the Proposed Regulation demonstrates its openness  to the work of global policy entrepreneurs.  Among the privacy regula- tory innovations that the Commission incorporated into the Proposed  Regulation are data breach notifications; data protection impact as- sessments; data protection by design; and the concept of “responsibil- ity,” which has more typically been termed “accountability.” 241   The  last concept provides an especially interesting example of privacy poli- cy entrepreneurship.  The OECD’s Privacy Guidelines contain an early, if underdevel- oped, mention of accountability.  The OECD Guidelines require the  “data controller” to “be accountable for complying with” their princi- ples. 242   More recently, a joint policymaking effort has sought to create  standards of accountability for the twenty-first century. 243   This pro- ject has been facilitated by a U.S. organization, the Centre for Infor- mation Policy Leadership, and began with the  Irish Data Protection  Commissioner’s multiyear “Galway Project.” 244   These initial steps  have been followed by accountability projects led by the French data  –––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––  239 See id. art. 43, at 71–73.   240 Id. art. 42(2)(b)–(d), at 70–71.    241 Id. arts. 31, 32, at 60–62 (data breach notifications); id. art. 33, at 62–63 (data protection  impact assessments); id. art. 23, at 56 (data protection by design); id. (accountability).  242 OECD Guidelines, supra note 23, art. 14.   243 CTR . FOR  INFO . POLICY  LEADERSHIP , HUNTON  & WILLIAMS  LLP,  DATA   […]

This post is the third in a series on personality versus personality in AI systems. Read Part 1 (exploring concepts) and Part 2 (concrete uses and risks).   Conversational AI technologies are hyper-personalizing. Across sectors, companies are focused on offering personalized experiences that are tailored to users’ preferences, behaviors, and virtual and physical environments. These […]

“Algorithmic pricing,” “surveillance pricing,” “dynamic pricing”: in states across the U.S., lawmakers are introducing legislation to regulate a range of practices that use large amounts of data and algorithms to routinely inform decisions about the prices and products offered to consumers. These bills—targeting what this analysis collectively calls “data-driven pricing”—follow the Federal Trade Commission (FTC)’s […]

[…] narrowly on specific types of health data individually or in tandem with AI or other technologies. For example, mental health chatbots (Utah HB452), reproductive health data ( Virginia SB754), or AI disclosures in clinical settings (California AB3030). Other bills and laws have broad definitions that include location, movement, and voice data, all common types […]

FPF is pleased to welcome our colleague Bianca-Ioana Marcu to her new role as Managing Director of FPF Europe. With extensive experience in privacy and data protection, she takes on this responsibility at a pivotal moment for digital regulation in Europe. In this blog, we will explore her perspectives on the evolving privacy landscape, her […]