Reading the Signs: the Political Agreement on the New Transatlantic Data Privacy Framework
The President of the United States, Joe Biden, and the President of the European Commission, Ursula von der Leyen, announced last Friday, in Brussels, a political agreement on a new Transatlantic framework to replace the Privacy Shield. This is a significant escalation of the topic within Transatlantic affairs, compared to the 2016 announcement of a […]
Measuring Privacy Programs
The risks of falling short on privacy compliance are greater than they have ever been. New laws are going into effect around the world and in the states, enforcement agencies are exercising their authority and media organizations have teams devoted to identifying data protection failures. Legal judgments can run into the billions. And most important, […]
Utah Consumer Privacy Act Passes State Legislature
This week, the Utah legislature passed the Utah Consumer Privacy Act (SB 227). If enacted by Governor Spencer Cox, Utah will follow California, Virginia, and Colorado as the fourth U.S. state to establish a baseline regime for the protection of personal data. The law would come into effect in December 2023. “While the Utah Consumer […]
Privacy Harms, Global Privacy Regulation, and Algorithmic Decision Making are Major Topics During Privacy Papers for Policymakers Event
For the 12th year, the Future of Privacy Forum (FPF) hosted its Privacy Papers for Policymakers event, honoring the 2021 Privacy Papers for Policymakers Award winners. This year’s event featured an opening keynote by Colorado Attorney General Phil Weiser and facilitated discussions between the winning authors – Daniel Solove, Ben Green, Woody Hartzog, Neil Richards, […]
BCI Technical and Policy Recommendations to Mitigate Privacy Risks
This is the final post of a four-part series on Brain-Computer Interfaces (BCIs), providing an overview of the technology, use cases, privacy risks, and proposed recommendations for promoting privacy and mitigating risks associated with BCIs. Click here for FPF and IBM’s full report: Privacy and the Connected Mind. In case you missed them, read the […]
CPRA Law + Tech Series: Understanding Data, Decisionmaking, and Design
What do privacy lawyers need to know about the technologies and data practices at the heart of emerging legislation? The California Privacy Rights Act (CPRA), and other new state laws, will introduce a host of new compliance obligations for businesses subject to the laws. Privacy lawyers charged with operationalizing these requirements will need to understand […]
How the Kenyan High Court (temporarily) struck down the national digital ID Card: Context and Analysis
The High Court of Kenya, by virtue of a judicial review application, delivered a landmark judgment declaring the proposed national digital ID card (Huduma Card) unconstitutional on October 14, 2021 – a judgment that is now part of the growing data protection and privacy jurisprudence in the country. Kenya enacted its first Data Protection Act […]
BCI Commercial and Government Use: Gaming, Education, Employment, and More
This post is the third in a four-part series on Brain-Computer Interfaces (BCIs), providing an overview of the technology, use cases, privacy risks, and proposed recommendations for promoting privacy and mitigating risks associated with BCIs. Click here for FPF and IBM’s full report: Privacy and the Connected Mind. In case you missed them, read the […]
Privacy Best Practices for Rideshare Drivers Using Dashcams
FPF & Uber Publish Guide Highlighting Privacy Best Practices for Drivers who Record Video and Audio on Rideshare Journeys FPF and Uber have created a guide for US-based rideshare drivers who install “dashcams” – video cameras mounted on a vehicle’s dashboard or windshield. Many drivers install dashcams to improve safety, security, and accountability; the cameras […]
The State of Play – Issue Brief: COPPA 101
The Children’s Online Privacy Protection Act (COPPA), enacted by Congress in 1998, aims to give parents more control over the information collected about their children online. The law requires operators of games, websites, apps, and other online services catered to users under the age of 13 to obtain permission from a child’s parent before collecting information about […]