World Privacy Forum

Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy

prev next

Feb 23 2021

WPF comments to the US Federal Trade Commission regarding Everalbum proposal

The World Privacy Forum submitted comments to the US Federal Trade Commission regarding its proposed consent order regarding In the Matter of Everalbum, Inc. The FTC alleges that Everalbum misrepresented to its users the circumstances in which the company would utilize face recognition on its users’ photos. The Commission’s complaint also alleges that Everalbum utilized

Feb 03 2021

Addressing Cross-Border Spillovers in Data Policy: The Need for a Global Approach

Global debates about data governance standards have primarily reflected the priorities and needs of rich countries, with less wealthy countries left in the role of “standards takers.” More needs to be done to ensure that digital governance policies pursued by the world’s largest economies do not create unintended consequences that make it harder for other countries to support a strong domestic digital economy and participate in the global digital economy. This is a joint blog post by Michael Pisa, Center for Global Development, WPF’s Pam Dixon, and Benno Ndulu, Oxford Professor.

Jan 12 2021

FTC proposes precedent-setting face recognition settlement: photo app company must delete consumers’ photos and the algorithmic models it developed using the photos

The FTC has proposed a crucially important settlement with a photo app developer, Everalbum Inc., which the FTC says “deceived consumers about its use of facial recognition technology and its retention of the photos and videos of users who deactivated their accounts.” The proposed FTC settlement will require the company to obtain consumers’ express consent

Dec 20 2020

Comments of World Privacy Forum to EDPB re: data localization and privacy

WPF provided feedback on the European Data Protection Board’s Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. In responding to the Recommendations, we found several areas which, if improved, would enhance the stated goals of the EDPB for facilitating free flow of data while preserving

Dec 03 2020

New Zealand’s New Privacy Law 2020 is Now in Force

New Zealand has meaningfully updated its privacy law, The Privacy Act 2020, which took force December 1. The new Privacy Act 2020 is a significant advancement of New Zealand’s privacy law, and encompasses numerous changes, including: Data Breach Reporting Obligations: There are new reporting obligations for data breaches. Companies are required to notify the Office

National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...
Report: From the Filing Cabinet to the Cloud: Updating the Privacy Act of 1974

This comprehensive report and proposed bill text is focused on the Privacy Act of 1974, an important and early Federal privacy law that applies to the government sector and some contractors. The Privacy Act was written for the 1970s information era -- an era that was characterized by the use of mainframe computers and filing cabinets. Today's digital information era looks much different than the '70s: smart phones are smarter than the old mainframes, and documents are now routinely digitized and stored and perhaps even analyzed in the cloud, among many other changes. The report focuses on why the Privacy Act needs an update that will bring it into this century, and how that could look and work. This work was written by Robert Gellman, and informed by a two-year multi-stakeholder process.
COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

The COVID-19 pandemic strained the U.S. health ecosystem in numerous ways, including putting pressure on the HIPAA privacy and security rules. The Department of Health and Human Services adjusted the privacy and security rules for the pandemic through the use of statutory and administrative HIPAA waivers. While some of the adjustments are appropriate for the emergency circumstances, there are also some meaningful and potentially unwelcome privacy and security consequences. At an appropriate time, the use of HIPAA waivers as a response to health care emergencies needs a thorough review. This report sets out the facts, identifies the issues, and proposes a roadmap for change.

WPF comments to the US Federal Trade Commission regarding Everalbum proposal

Addressing Cross-Border Spillovers in Data Policy: The Need for a Global Approach

FTC proposes precedent-setting face recognition settlement: photo app company must delete consumers’ photos and the algorithmic models it developed using the photos

Comments of World Privacy Forum to EDPB re: data localization and privacy

New Zealand’s New Privacy Law 2020 is Now in Force

Reports

Infographics

WPF in the News