Search results

[…] substantive obligations relating to privacy, in addition to security and anti – breach requirements. Privacy and security are related yet distinct disciplines. Privacy relates to how companies use co nsumer information entrusted to them, and respect consumers’ rights and control over that information. It’s important that a company 4 secures information from hackers. That’s […]

[…] as a contested and priority issue in privacy legislation. Under many existing state privacy laws, companies have been subject to “procedural” data minimization requirements whereby collection and use of personal data is permitted so long as it is adequately disclosed or consent is obtained. As privacy advocates have pushed to shift away from notice-and-choice, […]

[…] d ura l” data min im iz a tio n r e q uir e m ents whe re b y co lle ctio n an d use of pers o nal data is perm it te d so lo ng as it is ad eq uate ly d is c lo se d […]

In May 2025, Nebraska and Vermont passed Age-Appropriate Design Code Acts (AADCs), continuing the bipartisan trend of states advancing protections for youth online. While these new bills arrived within the same week and share both a common name and general purpose, their scope, applicability, and substance take two very different approaches to a common goal: crafting a design […]

[…] a nod to First Amendment concerns that have plagued similar requirements in other state laws. Covered businesses must design services to avoid reasonably foreseeable emotional distress, compulsive use, or discrimination. However, the bill clarifies that the mere content that a minor views cannot, by itself, constitute harm. Nebraska, by contrast, does not create a […]

[…] re ce iv e , se ll, or sh are th e pers o nal d ata of 50,0 00+ co nsu m ers , h o use ho ld s, or devic e s; an d ● Deriv e s >5 0 % of it s annua l re ve n ue f […]

[…] other risks. ● Helps draft FPF reports. Stacey Gray, Senior Director for Artificial Intelligence, [email protected] Biometrics – Quarterly calls ● Private sector participants interested in technologies that use biometric data, such as for recognition and verification, detection, characterization, persistent tracking, and other emerging use cases such as digital identity and emotion analysis. ● Discusses […]

[…] Believe Data Protection is One Effective Means to Balance Rights and Freedoms in Society 2 We Believe That Law, Policy, and Technology Can Mitigate Harms of Data Use and Misuse 3 We Believe in the Fair and Ethical Use of Technology to Improve People’s Lives 4 We Believe in the Power of Inclusive Collaboration […]

[…] region, noting that most APAC jurisdictions have preferred not to enact hard AI laws. Instead, these regions focus on regulating elements of AI systems such as the use of personal data (Singapore), addressing risk in AI systems (Australia), promoting industry development (South Korea), fostering international cooperation, and responsible AI practices (Japan), government oversight of […]

[…] it is necessary to independently test the tools using their own data, rather than relying on representations made by third party vendors – especially for “high risk” use cases. This is due to the growing amount of regulatory interest in unfair and deceptive practices pertaining to AI deployment (e.g. misleading statements about the capabilities, […]