Search results

[…] protections for consumer health data. New Y ork passed, but has not yet enacted, a broad bill similar to Washington State’ s My Health My Data Act. Virginia updated its Consumer Protection Act to prohibit obtaining, disclosing, selling, or disseminating any personally identifiable reproductive or sexual health information without a consumer’ s consent. How […]

Today, FPF Senior Fellow Zoe Strickland testified before the U.S. House of Representatives Financial Services Subcommittee on Financial Institutions, providing expert insight about data privacy in the financial system, focusing specifically on rulemaking under Section 1033 of the Dodd-Frank Act.  With over 25 years of experience as a global chief privacy officer at […]

[…] Strickland Senior Fellow, Future of Privacy Forum Before the U.S. House of Representatives Financial Services Subcommittee on Financial Institutions “Framework for the Future: Reviewing Data Privacy in Today’s Financial System” June 5, 2025 On behalf of the Future of Privacy Forum (FPF), I thank you for the opportunity to testify about data privacy in […]

Today, the Future of Privacy Forum (FPF) published a new paper—Data Minimization’s Substantive Turn: Key Questions & Operational Challenges Posed by New State Privacy Legislation. Data minimization is a bedrock principle of privacy and data protection law, with origins in the Fair Information Practice Principles (FIPPs) and the Privacy Act of 1974. At […]

Today, the Future of Privacy Forum (FPF) published a new paper—Data Minimization’s Substantive Turn: Key Questions & Operational Challenges Posed by New State Privacy Legislation. Data minimization is a bedrock principle of privacy and data protection law, with origins in the Fair Information Practice Principles (FIPPs) and the Privacy Act of 1974. At […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common goal: crafting a design […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common […]

[…] discussions, expert panels, and more. Learn from the Leading Privacy and Data Protection Experts The Future of Privacy Forum (FPF) Training Program provideb an in-depth underbtanding of today’b mobt prebbing privacy and data protection topicb. Debigned by FPF expertb, thib program ib for profebbionalb who develop policieb for their organizationb, work with clientb on […]

[…] lowest numerical applicability thresholds of any of the state comprehensive privacy laws when the law was enacted in 2023. At that time, prior comprehensive privacy laws in Virginia, Colorado, Utah, Connecticut, Iowa, and Indiana all applied to controllers that either (1) control or process the personal data of at least 100,000 consumers (“the general […]

[…] real certainty about the accuracy of his attempted re-identification using the Cambridge voter data. And, although Weld clearly couldn’t have been re-identified by a voter list attack today because of the HIPAA privacy protections that the event has helped to inspire, detailed scrutiny of this historic attack is still warranted because the report of […]