FPF Statement on White House Executive Order to Implement the European Union-U.S. Data Privacy Framework
October 7, 2022 — Statement from Future of Privacy Forum’s CEO Jules Polonetsky: With this step, the U.S. puts in place practical surveillance limitations, oversight, and individual redress that are unmatched almost anywhere else in the world in the context of national security. Leading democracies are converging on surveillance standards with this progress. Constitutional limitations […]
ETSI’s consumer IoT cybersecurity ‘conformance assessments’: parallels with the AI Act
In early September 2021, the European Telecommunications Standards Institute (ETSI) published its European Standard to lay down baseline cybersecurity requirements for Internet of Things (IoT) consumer products (ETSI EN 303 645 V2.1.1). The Standard is a recommendation to manufacturers to develop IoT devices securely from the outset. It also provides an internationally recognized benchmark – […]
Introduction to the Conformity Assessment under the draft EU AI Act, and how it compares to DPIAs
The proposed Regulation on Artificial Intelligence (‘proposed AIA’ or ‘the Proposal’) put forward by the European Commission is the first initiative towards a comprehensive legal framework on AI in the world. It aims to set rules on specific AI applications in certain contexts and does not intend to regulate AI technology in general. The proposed […]
FPF Report: Automated Decision-Making Under the GDPR – A Comprehensive Case-Law Analysis
On May 17, the Future of Privacy Forum launched a comprehensive Report analyzing case-law under the General Data Protection Regulation (GDPR) applied to real-life cases involving Automated Decision Making (ADM). The Report is informed by extensive research covering more than 70 Court judgments, decisions from Data Protection Authorities (DPAs), specific Guidance and other policy documents […]
The ebb and flow of trans-Atlantic data transfers: It’s the geopolitics, stupid!*
The following is a guest post to the FPF blog from Lokke Moerel, Professor of Global ICT Law at Tilburg University and a Dutch Cyber Security Council member. Guest blog posts do not necessarily reflect the views of FPF. 1. Introduction There is a call for a rational debate on trans-Atlantic data transfers. Frustrations increase […]
FPF Statement on the EU/US Transatlantic Data Agreement
March 25, 2022 — This morning the European Union and the United States came to a breakthrough agreement in principle, which allows Europeans’ personal data to flow to the United States. Future of Privacy Forum’s CEO Jules Polonetsky said: We are encouraged to see progress in the important effort to ensure that cross-border EU-U.S. research, […]
Upcoming data protection rulings in the EU: an overview of CJEU pending cases
There has been a surge in questions posed by national courts to the Court of Justice of the EU (CJEU) in the past year on how various provisions of the General Data Protection Regulation (GDPR) should be interpreted and applied in practice. They vary from understanding essential aspects of the fundamental right to the protection […]
The European Commission Considers Amending the General Data Protection Regulation to Make Digital Age of Consent Consistent
The European Commission published a Communication on its mandated two-year evaluation of the General Data Protection Regulation (GDPR) on June 24, 2020 in which it discusses as a future policy development “the possible harmonisation of the age of children consent in relation to information society services.” Notably, harmonizing the age of consent for children across […]
FPF Releases New Report on GDPR Guidance for US Higher Education Institutions
Today, FPF released The General Data Protection Regulation: Analysis and Guidance for US Higher Education Institutions by Senior Counsel Dr. Gabriela Zanfir-Fortuna. The new report contains analysis and guidance to assist United States-based higher education institutions and their edtech service providers in assessing their compliance with the European Union’s General Data Protection Regulation (GDPR).
FPF Appoints Robbert van Eijk as Managing Director for Europe
FPF Expanding EU Programming BRUSSELS – October 1, 2019 – The Future of Privacy Forum (FPF) today announced Robbert van Eijk as managing director for its operations in Europe. In this role, Eijk will implement FPF’s agenda in Europe, oversee its day-to-day operations, and manage relationships with stakeholders in industry, government, academia, and civil society. […]