About Us
Mission and Vision Statement
The World Privacy Forum is dedicated to reimagining data governance and data protection in a digital era through groundbreaking, in-depth research, analysis, and consumer education of the highest quality. Our vision is to illuminate data and technical ecosystems with a deep empirical basis in facts, and empower people with the knowledge, rights, and tools they need to safeguard their privacy and shape their digital lives.
By fostering an inclusive culture of thoughtful inquiry and collaboration, we strive to provide a compelling factual foundation for the development of sound policies and practices that illuminate modern data ecosystems and their governance, safeguard privacy, and protect the rights of individuals and groups of people in the digital world.
About the World Privacy Forum
The World Privacy Forum is a nonprofit, non-partisan 501(C)(3) public interest research group. The organization is focused on conducting in-depth research, analysis, and consumer education in the area of data privacy and data governance, and focuses on pressing and emerging issues. It is among one of the only privacy-focused NGOs conducting independent, original, longitudinal research. The World Privacy Forum has had notable successes with its research, which has been pioneering and consistently ahead of trends. World Privacy Forum research has provided insight in important issue areas, including predictive analytics, health privacy and medical identity theft, data brokers, and large-scale digital data flows, among others. The core area of focus for the World Privacy Forum is on complex data ecosystems and their governance. Within this, WPF has key areas of focus, including health care data and governance, large data sets, AI and machine learning, identity ecosystems (and biometrics), the financial sector, and work on vulnerable populations and inclusion. The Forum was founded in 2003 and works both nationally and internationally. The Forum also works to encourage collaborative efforts among other non-profits. WPF frequently chairs or co-chairs international working groups focused on research and data governance/data protection, most recently at the WHO, UN, and OECD.
Funding
The World Privacy Forum is funded by the Rose Foundation Consumer Privacy Rights Fund, the California Consumer Protection Foundation, by Cy Pres privacy settlements, general support funding from corporations, and by individual donations. WPF has policies in place to facilitate and ensure the independence of our work.
World Privacy Forum Activities
A brief selection of our present and past activities includes:
- WPF is a leading researcher about privacy and data analytics, including big data, predictive analytics, consumer scoring, and the data broker industry. We have published major reports about the issue, and have testified before Congress about privacy and data brokers now three times. Our reports include The Scoring of America (2014), and Data Brokers and the Federal Government (2013). The reports have been frequently cited, including in the White House Big Data report.
- WPF is a leading researcher about health privacy, including the subareas of genomic and pharmacogenomic privacy, electronic health records, digital health data flows, sensor-driven biometric data, medical privacy regulation, the Common Rule and human subject research, and other emerging health data flows, issues, and practices. The Executive Director of WPF currently serves as an expert advisor to the OECD on a health privacy advisory group. Previously, WPF has served as an appointee or board member on US national and state-level health privacy boards.
- WPF conducted extensive biometric field research in India regarding it’s Aadhaar digital ID, which is the world’s largest biometric ID ecosystem. WPF’s India work formed the basis of a peer-reviewed scholarly article on India’s Aadhaar which was published in 2017. Specifically, A Failure to Do No Harm was published in a special issue of Springer-Nature and co-published in the Harvard-based Journal of Technology Science.
- The World Privacy Forum researched and published the first major report on medical identity theft and brought this crime to the attention of the public for the first time. The World Privacy Forum coined the term “medical identity theft” in its report on the topic. The Forum also has published the only detailed consumer education and victim materials on this crime. California passed a new law that went into effect in 2008 based on the recommendations in the WPF medical identity theft report, which later became part of HIPAA. The World Privacy Forum’s continuing activities in this area have made a substantial impact in the awareness and understanding of this crime for both victims and health care providers.
- Consensus and multistakeholder work:
- WPF co-leads the civil society work at the AI Working Party at OECD, with ADC Argentina, and is a member of the OECD’s civil society stakeholder group steering committee.
- WPF co-leads the United Nations Statistical Commission working group on Data Governance and Legal Frameworks with Statistics Poland.
- WPF co-chairs (with the Centers for Disease Control) the World Health Organization’s Research, Academia, and Technology network.
- WPF was co-head of delegation for the OECD 2022 Ministerial in Gran Canaria, Spain.
- WPF co-chaired the American Bar Association Consumer Protection Conference, with co-chair Christopher Olsen, former staff attorney at the FTC.
- WPF participated in a multinational consensus effort to develop governance for AI systems (IRGC, Zurich, Switzerland) in 2018.
- WPF’s Pam Dixon was named as an expert advisor on health data uses to the OECD, where she has worked with global stakeholders on health privacy and health data protection.
- WPF was the lead drafter of the US Department of Commerce NTIA Multistakeholder Process short form privacy notice during 2012-2013. The process finished with a completed short form notice to be used by mobile apps. The notice is now being tested and implemented. This notice provides important and innovative privacy improvements. Among the most important is that consumers receive notification when their information is being sent off of their mobile devices to data brokers. This is the first notice to allow for this transparency.
- In 2011, WPF led the nation’s leading civil society groups in developing the Civil Society Multistakeholder Principles for the White House/US Department of Commerce Privacy process.
- The World Privacy Forum led a consensus group of non-profits in 2007 meeting that culminated in the now well-known Do Not Track proposal presented to the Federal Trade Commission. Do Not Track is an idea that is now known globally and being tested and discussed in a variety of forums, including W3C.
- WPF broke new ground in publishing the first report on privacy in digital signage networks and mobile device tracking in retail spaces in the One Way Mirror Society report. The report was easily three or more years ahead of trends.
- WPF held a major privacy conference in Tokyo, Japan in 2008, which facilitated meaningful dialogue and information sharing between key Japanese, Asian, EU, and US experts at a pivotal time in privacy in Japan.
- In 2012, WPF published an interactive map documenting health information data flows for California. This map was the first of its kind, and has been updated and the information expanded.
- The World Privacy Forum published the first in-depth legal and policy analysis of patient and consumer medical files held outside the protections of HIPAA, an area of increasing importance.
- The World Privacy Forum has researched and presented leading-edge thinking about genetic privacy to the Institute of Medicine and to the Secretary’s Advisory Committee on Genetics, Health and Society, among others. WPF’s testimony before the Secretary’s Advisory Committee on Genetics in winter 2008 led to substantive positive changes in recommendations about privacy and genetics in the SACGHS report.
- The World Privacy Forum has been appointed by the state of California to a board tasked with finding innovative ways to protect patient privacy and security in the rapidly modernizing health care sector. The World Privacy Forum serves as co-chair for this board, the California Privacy and Security Advisory Board.
- The World Privacy Forum researched and testified twice about the iPledge program in 2007. iPledge is a mandatory registration system for people who take the acne drug Accutane, which had systemic privacy issues. The WPF was the only organization to point out the profound privacy problems in the system. After the World Privacy Forum analysis and testimony, the FDA asked for substantive changes to the privacy for the system, which impacts approximately 300,000 people a year.
- The World Privacy Forum researched and published a series of longitudinal research reports and related work in the area of job search privacy, which has led to significant changes and improvements in the oversight of fraud at online job sites.
- The World Privacy Forum publishes key consumer education resources, including the Top Ten Opt Out list, Search Engine Privacy Tips, Resume Privacy Tips, Tips for Victims of Medical Identity Theft, tips on Security Freezes, and much more.
- The World Privacy Forum published a series of research reports on free credit reports that led to FTC enforcement actions against “imposter domains.”
Bios
Pam Dixon, Executive Director
Pam Dixon is the founder and executive director of the World Privacy Forum, a respected public interest research group. An author and researcher, she has written influential studies in the area of identity, AI, health, and complex data ecosystems and their governance for more than 20 years. Dixon has worked extensively on privacy across multiple jurisdictions, including the US, India, Africa, Asia, the EU, and additional jurisdictions. Dixon currently serves as the co-chair of the UN Statistics Data Governance and Legal Frameworks working group, and is co-chair of WHO’s Research, Academic, and Technical network. At OECD, Dixon leads the formal civil society multistakeholder work in OECD’s new AI Working Party. In prior work, Dixon was part of the AI expert group that crafted the OECD AI Principles, which were ratified in 2018. (https://www.oecd.org/going-digital/ai/principles/ ) Dixon has presented her work on complex data ecosystems governance to the National Academies of Science and to the Royal Academies of Science. She has written 9 books and numerous studies and articles. Dixon was named one of the most influential global experts in digital identity in 2021. Dixon received the EFF Pioneer Award for groundbreaking research regarding privacy and data ecosystems in 2021.
Dixon was named one of the most influential global experts in digital identity in 2021. Dixon conducted substantive biometrics research in India from 2010 to 2014, which formed the basis of a scholarly, peer-reviewed article of original research regarding India’s Aadhaar biometric identity system and its policies (Pam Dixon, A Failure to Do No Harm: India’s Aadhaar biometric ID program and its inability to protect privacy in relation to measures in Europe and the U.S., Springer Nature, Health Technology. DOI 10.1007/s12553-017-0202-6. http://rdcu.be/tsWv ). Dixon’s work from A Failure to Do No Harm was cited twice in the landmark 2018 Supreme Court of India Aadhaar decision. The Supreme Court required the Aadhaar system to be both curtailed and improved in meaningful ways.
In 2019, Dixon served as Rapporteur for the first Roundtable of African Data Protection Authorities (RADPA), held at ID4Africa, for which she produced a rapporteur’s report regarding privacy and identity systems governance in African jurisdictions. (English version http://www.id4africa.com/2019/files/RADPA2019_Report_Blog_En.pdf; French version http://www.id4africa.com/2019/files/RADPA2019_Report_Blog_FR.pdf )
Dixon also served as the co-chair of the Data for Development Workgroup at the Center for Global Development. In 2020, the group produced a report regarding the impact of COVID-19 on Low and Middle Income Countries (Pisa, Dixon, Ndulu, Governing Data for Development, 2020). In 2021 the project published work on the urgent need to include all jurisdictions in privacy and data governance discussions (Pisa, Dixon, Ndulu, Addressing Cross-Border Spillovers in Data Policy: The need for a global approach, 2021), and the working group has also been holding a series of roundtables, moderated by Dixon. (Briefs include: Are current models of data protection fit for purpose? Understanding the consequences for economic development https://www.cgdev.org/publication/do-evolving-digital-trade-rules-create-uneven-playing-field-understanding-global.)
Earlier work of note includes Dixon’s groundbreaking report on medical identity theft, and ongoing follow-up work on this issue for more than a decade. Medical Identity Theft: The information crime that can kill you, was published in 2006 ( https://www.worldprivacyforum.org/2006/05/report-medical-identity-theft-the-information-crime-that-can-kill-you/. ) In the report, Dixon coined the term “medical identity theft,” proved the issue existed in the health ecosystem, provided information about the methodology and impact of the crime, and suggested crucial actions to protect patients and improve the ecosystem. Based on the recommendations in the medical identity theft report, medical data breach notification is now a federal law in the US, and the Social Security Administration removed SSNs from printed Medicare / Medicaid cards, which was a substantial undertaking which has been completed as of 2019. Dixon has subsequently researched further work for victims of medical forms of ID theft, and has written new work documenting the incidence and rate of growth of medical identity theft across the US. (The Geography of Medical Identity Theft, https://www.worldprivacyforum.org/2017/12/new-report-the-geography-of-medical-identity-theft/ .) A second report on this topic is forthcoming in 2023. Dixon was a board member of HITSPE, a national-level board for determining health information technology standards. She was also an expert advisor to OECD on health data uses, helping craft its Recommendation on Health Data Governance (https://www.oecd.org/health/health-systems/health-data-governance.htm).
Other earlier work of note includes Dixon’s deeply researched report on AI and machine learning with Robert Gellman, The Scoring of America https://www.worldprivacyforum.org/2014/04/wpf-report-the-scoring-of-america-how-secret-consumer-scores-threaten-your-privacy-and-your-future/, (2014). This report has been widely cited and is considered one of the first major privacy-focused reports on AI and machine learning uses and risks. In 2019, Dixon testified before Congress regarding privacy challenges of “consumer scoring,” a term coined in the Scoring report.
Dixon was formerly a research fellow with the Privacy Foundation at Denver University’s Sturm School of Law. There, she researched and wrote about technology-related privacy issues. Dixon has written extensively about technology both as a researcher and as a book author. Ms. Dixon has written nine books for major publishers, including two critically acclaimed books about technology and consumers. Her books include titles for Random House / Times Books, ABC/CLIO, and Wiley, among other major publishers. Dixon’s most recent book, Surveillance, was published in 2016 by ABC/CLIO. Dixon co-authored Online Privacy , a reference book, with longtime writing collaborator Robert Gellman. Dixon has testified before Congress and Federal agencies, speaks internationally as a leading privacy and data governance expert, and is frequently quoted in the media regarding privacy and security issues.
Kate Kaye, Deputy Director
Kate Kaye joined World Privacy Forum as its deputy director in February 2023. In her role she focuses on national and global work on AI and machine learning, digital identity ecosystems, health data ecosystems, digitalization and related impacts, development and data, and WPF’s ongoing work on data governance.
Before joining WPF, Kate worked for more than 20 years as an award-winning journalist covering emerging technology, data privacy, and governance issues. Her reporting has been seen and heard in outlets including MIT Technology Review, NPR, Protocol, Bloomberg CityLab, OneZero, WSJ and Fast Company.
Through her staff reporting roles covering how business enterprises build and use AI software at Protocol, how marketers use consumer data at Ad Age, and tracking tech platforms and data privacy for Digiday, Kate developed a strong practical knowledge of how emerging data-centric technologies operate and how they’re used on the ground.
Kate’s reporting exposed the earliest forms of online political microtargeting and voter data use, explained the connectivity of data broker systems, and monitored the gradual expansion of location data profiling. Her journalism has evaluated the impacts of AI and surveillance technologies on civil liberties and digital justice, and kept a watchful eye on government AI investments and policy. She is also the author of the groundbreaking book on digital voter data use, Campaign ’08: A turning point for digital media.
Kate has won several journalism awards including a Society of Professional Journalists First Place Technology Award in 2019 and an American Society of Business Publication Editors Silver Award in 2011. She was a Society of American Business Editors and Writers finalist in 2014 and was the recipient of a Society of Environmental Journalists grant in 2020.
She has been interviewed for a variety of media outlets including NPR’s Weekend Edition Sunday, Public Radio’s Science Friday, and WNYC’s Brian Lehrer Show and On the Media, as well as Fox’s Stossel Show.
In addition to serving as a member of the UN’s Hive Data Advisory Board in 2017, Kate has volunteered with several organizations in the Portland, Oregon area where she lives. She’s spun vinyl records as a DJ and produced radio news reports for Portland’s XRAY.fm, assisted in Special Olympics bocce training, served as a board member at Portland mental health organization Northstar Clubhouse, and served as a longtime volunteer caretaker of birds and other small creatures at Portland Audubon’s wildlife care center.
In her spare time Kate enjoys hiking in the forest, observing raptors in the wild, cooking, painting, and rooting for the New York Mets.
Marianne Fitzpatrick, MBA, Senior Project Manager
Marianne joins the World Privacy Forum in the position of Senior Project Manager. Her responsibilities include performing project management activities to ensure strategic objectives are achieved in a timely manner and accurately for the Forum. Marianne is an MBA-degreed professional with managerial experience most recently at JP Morgan Chase supporting the Bank’s attorneys through Program Management activities such as:
- Chair, Weekly Operational Breaks Resolution Meetings with Legal, Senior Operations Managers, Audit and Compliance as well as other delegates from around the world.
- Led Semi Annual Unit Response to Corporate Audit and Compliance for Sarbanes Oxley (SOX).
Change Management Unit Lead. - Led Executive Complaints Resolution for items in a litigation status with the Bank, for example, Congressional, Office of Consumer Complaints.
- Policy and Procedure Subject Matter Expert (22 Unit Process Documentation Kits).
- Led Litigation projects such as Uniform Data Business Analytics, Washington Mutual Litigation Account conversion, Thin Client Conversion, Business Continuity Plan Development and more.
While at Chase, Marianne was selected as the 2009 Chase Portrait Honoree for outstanding demonstration of core values. She also received Multiple Top-Performer Awards and Honors and the Unit Scorecard was an Exceeds rating during her time at Chase.
Bob Gellman, Consultant
Bob has been a key author and collaborator on many WPF reports and projects. He is the co-author with Pam Dixon of the reference book Online Privacy (ABC-CLIO, 2011). Since 1995, Bob has assisted large and small companies, organizations, U.S. government agencies, and foreign governments to develop, implement, and maintain policies for personal privacy and fair information practices. Specialty areas include privacy policy for health (including HIPAA), the Internet and Internet websites, the homeless (HMIS), and other for-profit and non-profit organizations; freedom of information policy, and other information policy areas. Bob’s full bio and extensive writing can be found here at BobGellman.com.
Blake Hamilton, Media and Communications Fellow
Blake Hamilton is a photojournalist and investigative reporter. Blake’s experience includes work at the University of Oregon’s Daily Emerald Newspaper and his international portfolio includes an outstanding short documentary on the Chilean Salmon Farming Industry. Other photography work includes contributions to Ethos Magazine, a student-run quarterly magazine, at the University of Oregon, where he also worked as a photo editor. In this position, Blake established an online version of the magazine. The website recently won the Columbia Scholastic Press Association’s Collegiate Digital Magazine Silver Crown. Blake has lived in Argentina and Chile, is fluent in Spanish, and lives in San Diego, California.
John Emerson, Consultant: Web and Data Visualization
John Emerson of Backspace Design Consultancy has created many WPF data visualizations, including our interactive Medical ID Theft Data map and our HIE map. He did a beautifully conceived and complete redesign of the decade-old static WPF web site and migrated us to a dynamic site.
News, Media, and Press Room:
Visit the News, Media and Press Room
See a list of WPF press mentions over the history of the organization.