Data protection and competition enforcement have been on a collision course in recent years. The Big Tech platforms have amassed powerful market share with vast amounts of user data. This inevitable convergence is shaping up on both sides of the Atlantic. U.S. President Joe Biden has appointed notable antitrust proponents to powerful government positions in recent months. And in Brussels, the European Commission has released a slew of draft legislation to help bolster its Digital Single...

On July 13, Ohio Lt. Governor Jon Husted announced the introduction of the Ohio Personal Privacy Act. The law applies to organizations doing business in Ohio or whose products or services target consumers in the state. Businesses with annual gross revenues exceeding $25 million, or process personal data of 100,000 or more Ohio consumers, or derive 50% of gross annual revenues from the sale of personal data would be covered. Like other laws, it does offer some consumer rights, including...

Voice-activated products and services are proliferating, while voice-recognition technology is on the rise. In addition to popular voice-activated assistants, call centers are beginning to use advanced voice-intelligence technology in novels ways. The technology could lead to plenty of innovation, but the potential privacy, safety and fairness issues will need some thinking. In his new book "The Voice Catchers: How Marketers Listen In to Exploit Your Feelings, Your Privacy, and Your Wallet,"...

Notice and consent have been foundational principles in privacy and data protection for decades. But do they provide individuals with the ability to make informed decisions as they navigate products and services? Will laws like the California Privacy Rights Act help change how companies design their privacy notices? For Jennifer King, the Privacy and Data Policy Fellow at Stanford's Institute for Human-Centered Artificial Intelligence, the notice-and-consent paradigm as it currently stands is...

Prospects for a federal privacy law in the U.S. ramped up in recent years, but even though data protection is a bipartisan issue, nothing has come close to passing. At the same time, U.S. state activity is swarming, and many countries around the world are developing and implementing their own national privacy laws. So what’s it going to take for the U.S. to pass a federal law? Rep. Suzan DelBene, D-Wash., was the first congressional lawmaker to propose federal privacy legislation in 2021. Her...

Artificial intelligence and machine learning technologies are rapidly developing across virtually all sectors of the global economy. One nascent field is empathic technology, which, for better or worse, includes emotion detection. It is estimated that the emotion detection industry could be worth $56 billion by 2024. However, judging a person's emotional state is subjective and raises a host of privacy, fairness, and ethical questions. Ben Bland has worked in the empathic technology space in...

U.S. government surveillance bubbled back up in headlines in recent weeks. Portugal's data protection authority halted transfers of data to the U.S. after complaints that census data were being sent back to the U.S. The same week, a U.S. Foreign Intelligence Surveillance Court decision was published, in which it renewed a U.S. surveillance program even though it found some Federal Bureau of Investigation employees illegally accessed email data. This comes as the U.S. and EU try to hammer out...

The Norwegian Consumer Council made waves in early 2021 after its complaint to Norway's data protection authority, Datatilsynet, against Grindr resulted in an intention to fine the company $12 million, the highest fine ever levied by the nation’s DPA. Grindr responded to the proposed enforcement action, arguing it has refined its consent mechanism, but the case isn't over. The NCC has long worked with other advocacy organizations to bring protections and awareness for consumers around privacy...

In the wake of "Schrems II," the future of data transfers is on shaky ground. True, the Biden administration has demonstrated that it’s taking trans-Atlantic data flows seriously after appointing Christopher Hoff in January, not long after Biden was inaugurated. And though both the U.S. Department of Commerce and European Commission are working together in earnest, short of changing its national security laws, what else can be done to prevent another legal challenge and potential invalidation...

Virginia joined rarified air March 2 after its governor signed the Consumer Data Protection Act into law. Though California was the first state to pass baseline privacy legislation, Virginia was the first to do so absent a ballot initiative. So, what is in Virginia’s CDPA? Where does it overlap with provisions in the California Consumer Privacy Act, California Privacy Rights Act or EU General Data Protection Regulation? What are some early steps businesses should consider as they make...

Concepts like “privacy engineering” and “privacy by design” have been in the privacy lexicon for several years, but do we all know or agree about what they mean? What is a privacy engineer? Sure, when we discuss privacy by design, we’re talking about baking privacy considerations in from the start and not just bolting them on after a product or service has been designed, but what is privacy by design in practice? How do you ensure your tech and legal teams can understand each other, and how...

With 2020 finally in the rearview mirror, 2021 looks like it will be filled with potential data privacy legislation in the U.S. Of course, front and center right now resides the Washington Privacy Act, but the Pacific Northwest state isn't the only one in play. So far, legislation has been proposed in Connecticut, Minnesota, New York, Oklahoma and Virginia, among others. This all comes while a new presidential administration takes hold in Washington, D.C., along with a Congress controlled —...

It goes without saying 2020 has been a challenging and difficult year. COVID-19 has affected the world in inalterable ways. And though the pandemic is a sea change for how we live, work and educate our children, it did not lessen the impact of privacy and the privacy profession. In fact, privacy has become an even more front-and-center issue for businesses, governments and individuals. From the “Schrems II” decision in the EU to Proposition 24 in California to new and proposed laws in Brazil,...

Artificial intelligence, big data and personalization are driving a new era of products and services, but this paradigm shift brings with it a slate of thorny privacy and data protection issues. Ubiquitous data collection, social networks, personalized ads and biometric systems engender massive societal effects that alter individual self-determination, fracture shared reality and even sway democratic elections. As an associate professor at the University of Oxford's Faculty of Philosophy and...

Hard to believe it, but we’re only days away from a fateful vote in California on what’s called Proposition 24. If approved by the residents of California, Prop 24 will put the California Privacy Rights Act on the books. The law will add an additional layer of privacy protections for California residents and a new privacy compliance regime for businesses. Prop 24 has been hotly debated, especially in recent weeks. And the traditional fault lines between consumer advocacy and industry are not...

As a consumer, it can be really difficult to figure out who's tracking your data online. Many companies hide behind algorithms claiming they're the "secret sauce" to their business model, which sometimes frustrates regulators and laymen alike. That's why award-winning journalist Julia Angwin and investigative journalist Surya Mattu, both of the non-profit news organization The Markup, recently developed and released Blacklight, a web site that allows users to scan any site for potential...

There have been no shortage of hearings in the last couple of years on potential federal privacy legislation in the U.S. This week was no exception, as the U.S. Senate Committee on Commerce, Science and Transportation held another. But this hearing was under different circumstances, namely, it was held in the middle of the COVID-19 global pandemic. That garnered some conversation about the need for a comprehensive law more than ever, as did the release this week of the SAFE Data Act, which...

As children around the globe either head back to school or continue their school year, depending on geolocation, many new privacy and data protection concerns present themselves. Whether it be heightened data collection on student health to prevent the spread of COVID-19 at school or new technologies implemented to facilitate virtual learning, there are all sorts of new unprecedented risks. In this episode of The Privacy Advisor Podcast, former White House Senior Advisor for Privacy Marc...

If Brazil gave birth to its data protection law this week, it was a really fast labor.  Privacy professionals awoke to the news Thursday that overnight, in an unprecedented move, the Brazilian Senate approved an amendment allowing the General Personal Data Protection Law to go into effect (almost) immediately. The decision reverses a vote Tuesday to delay the implementation of the LGPD to Dec. 31, 2020. How could this have happened? What does it mean for those covered by the law? In this...

In a highly anticipated decision, Europe's highest court decided July 16 that the EU-U.S. Privacy Shield agreement is invalid. The ruling will impact thousands of companies who'd used Privacy Shield to transfer data from the EU to the U.S. Additionally, the court decided to uphold another data transfer mechanism, standard contractual clauses, but with conditions. The news is a game-changer and casts much uncertainty upon the stability of cross-border agreements. In this episode of The Privacy...

There's no shortage of tech companies and apps aiming to help thwart the spread of COVID-19, in addition to government efforts. But with so many different apps being deployed and so much sensitive data being swept up, is this one of those moments in time that we're putting safety ahead of privacy in ways that can't be undone? In this episode of The Privacy Advisor Podcast, the Future of Privacy Forum's Polly Sanderson and the International Digital Accountability Council's Quentin Palfrey...

Recently, Jay Edelson and his team at Edelson PC have filed three different class-action lawsuits related to unwanted surveillance: One against security company ADT, one against a Chicago hospital and another against biometric start-up Clearview AI. In this episode of The Privacy Advisor Podcast, Edelson talks about why he chose to file the suits and why he thinks they're important cases for privacy rights generally. He also talks about the status of his firm's historic settlement with...

When the world was turned upside down with the COVID-19 pandemic and then the murder of George Floyd in the U.S., any momentum we’d started to see on passing a federal privacy bill was lost — at least temporarily. But Cam Kerry is aiming to change that by re-igniting bi-partisan conversations with a report proposing how we might overcome the impasse we've found ourselves at in two crucial areas: federal pre-emption and a private right of action. In this episode of The Privacy Advisor Podcast,...

There is so much privacy news related to the pandemic lately that it sometimes feels like that's the only news. But the world continues to spin, if more quietly, as most of its population works from the comfort of their homes. In this episode of The Privacy Advisor Podcast, Angelique Carson chats with Brussels-based freelance journalist Jennifer Baker about two government data breaches, the latest on activist Max Schrems and his complaints, as well as recent criticisms on the level of DPA...

Especially now, while most of us are stuck indoors hiding from the invisible monster that is the COVID-19 disease, it's not difficult to imagine better days — days when we can safely travel again to faraway islands with blue-glass waters and sandy beaches. Or, you could do what Alex White did and move there. The former deputy chief privacy officer of South Carolina didn't move to the island for a vacation, though. He took the job as the country's first-ever privacy commissioner, a position...