Public Policy

Feb 02 2016

Update: EU, US reach new Safe Harbor deal

Update for February 29, 2016: The US and the European Commission have released new details about the proposed Privacy Shield program. We have published a new post about this release here. Briefly, the US Department of Commerce has released a 132-page package containing the program principles, letters from the FTC, the Department of Transportation, the Office of the Director

Jan 05 2016

WPF Files Comments on Federal Proposal for Human Subject Research (Common Rule)

The Nuremberg Code, an extraordinary document around ethics and research on human subjects written after the research abuses that took place during World War II, is akin to a global Emancipation Proclamation for human research subjects. The Nuremberg Code’s 10 principles remain a timeless rendering of thought on what should be in place prior to any entity conducting research on human subjects, and this code forms the philosophical foundation of a regulation in the US known as the Common Rule. We have written extensive comments on the US proposal that will update the Common Rule…

Nov 17 2015

WPF files comments on federal information handling to the Office of Management and Budget

The World Privacy Forum filed comments today on the Office of Management and Budget’s proposed revision to a document that advises Federal agencies on how to handle the information they store. The document, OMB Circular A-130, Managing Information as a Strategic Resource, establishes policies for the management of federal information resources, including information the US holds

Apr 21 2014

Public Comments: WPF files comments urging the SEC to protect asset-level data privacy of consumers

The World Privacy Forum submitted comments to the Securities and Exchange Commission today requesting that the SEC do more to protect the privacy of consumers’ asset information. Asset information — the financial information attached to mortgages, car loans, and other consumer borrowing activities– is very attractive to the consumer data industry. We would be happier with the current SEC proposal if it were practical to keep all sensitive asset-level data under the direct control of the Commission or, perhaps, the Consumer Finance Protection Bureau. Direct involvement by a federal agency, while no guarantee of a better outcome for data subjects, would provide better and clearer accountability for maintenance of the data as well as the possibility of meaningful enforcement.

Sep 09 2013

WPF Resource Page: Selected Agency and Public Comments

This resource page is a curated list of WPF public comments to agencies, as well as other public comments focused on privacy.

New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.