Best Practices

Nov 12 2020

Governing Data for Development: Trends, Challenges, and Opportunities

The World Privacy Forum is pleased to announce its work on a new project with the Center for Global Development (CGD). This project, Governing Data for Development, is led by CGD, with WPF’s Executive Director Pam Dixon as co-chair of the project working group with co-chair and Oxford professor Benno Ndulu, who is also the former Governor of the Central Bank of Tanzania. The project, which has been underway for a year, has produced its first report, which is a scoping report based on interviews with key stakeholders. This blog post, which provides background on the project and links to the first project report, is being jointly posted at WPF and CGD.

Jan 22 2020

Age Appropriate Design: new code of practice regarding online services for children from the UK Information Commissioner

The UK Information Commissioner’s Office has published a new code of practice for online services directed to children, Age appropriate design: A code of practice for online services. The new code sets 15 flexible standards and gives specific explanations of how the GDPR applies to childrens’ online activities and pursuits. The code is not a

Apr 23 2019

Still a One-Way Mirror Society – why has progress in retail biometrics and privacy stalled?

Today WPF was quoted in an AP article about cameras that detect age, gender, and emotion being installed in retail stores, Coming to You: Cameras that guess your age and sex. For us, this was deja vu. In 2010, we published a report about cameras in retail settings called The One Way Mirror Society. In

Jan 03 2019

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.

May 09 2018

Public Comments: WPF comments on proposed revised consent decree re: Uber; requests FTC to hold workshop to determine standards for privacy assessments

In comments to the FTC regarding a proposed revised consent decree with Uber Technologies, Inc., WPF urged the FTC to clarify what the term “assessment” means in the context of a consent decree with a company. The comments note that the requirement for an assessment is not the same as the requirement for an audit.

Global Visualization of Countries with Data Privacy Laws, Treaties, or Conventions

Background and Methodology: The conceptualization and initial research for this...
New Report: Risky Analysis: Assessing and Improving AI Governance Tools

We are pleased to announce the publication of a new WPF report, “Risky Analysis: Assessing and Improving AI Governance Tools.” This report sets out a definition of AI governance tools, documents why and how these tools are critically important for trustworthy AI, and where these tools are around the world. The report also documents problems in some AI governance tools themselves, and suggests pathways to improve AI governance tools and create an evaluative environment to measure their effectiveness. AI systems should not be deployed without simultaneously evaluating the potential adverse impacts of such systems and mitigating their risks, and most of the world agrees about the need to take precautions against the threats posed. The specific tools and techniques that exist to evaluate and measure AI systems for their inclusiveness, fairness, explainability, privacy, safety and other trustworthiness issues — called in the report collectively AI governance tools – can improve such issues. While some AI governance tools provide reassurance to the public and to regulators, the tools too often lack meaningful oversight and quality assessments. Incomplete or ineffective AI governance tools can create a false sense of confidence, cause unintended problems, and generally undermine the promise of AI systems. The report contains rich background details, use cases, potential solutions to the problems discussed in the report, and a global index of AI Governance Tools.
National IDs Around the World — Interactive map

About this Data Visualization: This interactive map displays the presence...