To see the research and use this data visualization : Each jurisdiction or country in the world has an associated country card with extensive data governance information and links. The power of this data visualization is to filter and sort the country cards to reveal patterns and regional details. Filter ...
WPF provided feedback on the European Data Protection Board's Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. In responding to the Recommendations, we found several areas which, if improved, would enhance the stated goals of the EDPB for ...
The World Privacy Forum is pleased to announce its work on a new project with the Center for Global Development (CGD). This project, Governing Data for Development, is led by CGD, with WPF's Executive Director Pam Dixon as co-chair of the project working group with co-chair and Oxford professor Benno Ndulu, who is also the former Governor of the Central Bank of Tanzania. The project, which has been underway for a year, has produced its first report, which is a scoping report based on interviews with key stakeholders. This blog post, which provides background on the project and links to the first project report, is being jointly posted at WPF and CGD.
Guest Post by Dr. Isaac Rutenberg, Director and Senior Lecturer, Centre for Intellectual Property and Information Technology Law, Strathmore University, Nairobi, Kenya. On the 8th of November, the President of Kenya signed into law the Data Protection Act 2019. This action completed a process that spanned more than a decade, and allows Kenya to enter a new phase with respect to the evolving centricity and treatment of data in society. This article looks at the content of the Act, highlights important and interesting provisions, and concludes with predictions as to the implementation.
The first Roundtable of African Data Protection Authorities was a wide-ranging and vibrant roundtable conversation on the status and response to privacy risks in identity systems on the continent of Africa. The dialogue focused on data protection and privacy experiences, challenges, risks, and solutions in identity ecosystems, including biometrics. It was an extraordinary, first-of-its-kind event, and the DPAs had notable experiences and thoughts to share. These thoughts are captured in the Rapporteur’s report, which was written by WPF’s Pam Dixon.
A data ethics conversation has been growing on a global scale for some time now, but particularly since 2015, when the European Data Protection Supervisor (EDPS) issued an Opinion on the matter and formed a Data Ethics Advisory Group to further consider the issue. Along the way, other countries, such ...
The government of India has published an important white paper discussing its approach to data protection legislation, White Paper of the Committee of Experts on Data Protection Framework for India . The government of India is accepting comments on its white paper until January 31, 2018. This paper is particularly ...
The World Privacy Forum will be speaking several times during the International Conference of Data Protection & Privacy Commissioners in Hong Kong; here's the schedule, below; we look forward to meeting or catching up with those of you attending, please come by and say hello. Monday 25 September : European ...
The World Privacy Forum filed comments today with the US Office of Management and Budget regarding a US Customs and Border Protection agency proposal to request social media account information from arriving and departing travelers on entry/exit forms. Earlier this year, WPF wrote comments to CBP directly and urged the agency to drop its proposal to request social media profile information from travelers on these key entry/exit forms due to procedural and policy concerns.
The World Privacy Forum filed comments today with the US Customs and Border Protection agency regarding a proposal to request social media account information from arriving and departing travelers on entry/exit forms. WPF urged CBP to drop its proposal to request social media profile information from travelers on these key ...
After four years of negotiations, the EU Commission, Parliament, and Council have reached a final agreement on the General Data Protection Regulation (GDPR). The GDPR is an omnibus data protection law which sets arguably the most extensive data protection laws globally, along with strong enforcement authority. The new law contains ...
India's Supreme Court has issued an important ruling and interim orders about a much-watched case related to India's national biometric IDs and how they are used. More than 800 million biometric IDs have been issued to Indians, and are called the Aadhaar card or the UID, for Universal ID. The ...
The Healthy Cities Project in China is one where mobile devices, mobile health mini-hubs, and sensors are the key way that patients, doctors, government, and enterprises can input, monitor, and access vital health statistics and other information in the cloud. Twenty million people already use this system. Healthy Cities is important for study, because it is a fully established infrastructure in those cities in China where it has been deployed. In the US, the Healthy Cities project is being studied by academics to see how it could be replicated in the US marketplace.
An important report came out today from the Privacy and Civil Liberties Oversight Board, the board that was appointed to be a privacy watchdog for the US government surveillance programs. The newly released report covers PRISM and other Section 702 surveillance programs conducted under the US Foreign Intelligence Surveillance Act. The report is complex, and provides important benchmarking on how PRISM and "upstream" surveillance programs work. The report's recommendations, however, are what have proven to be more controversial.
The European Court of Justice has recently decided an important case involving privacy and search engines. The decision may have enormously broad implications for privacy, for search engines, and for the Internet as a whole. This brief analysis provides context and highlights of the court's decision, with a discussion of the implications, which are far-ranging.
May 20 Update: see our full analysis of the ruling here . In a ruling with far-reaching implications for online privacy, the European Court of Justice has ruled that online search companies are subject to the European Data Protection Directive, (Directive 95/46/EC) . Search engine companies that are based in ...
I was honored to address students at the National Law University, Delhi this past week about privacy in the US and global privacy trends and issues. The talk included a Q and A session, during which the students engaged in a spirited conversation about US policies regarding surveillance and privacy. I enjoyed the session thoroughly. The students asked challenging questions in particular about telecommunications policies and the idea of safety versus privacy and achieving proper balance.
Japan -- Under the mai nannbaa-ho (マイナンバー法) My Number Act (enacted May 13, 2013, also called the Social Benefits and Tax Number Act), Japan's citizens will be assigned unique numbers to track income, social security, taxes, welfare and benefits, and certain information in disasters. Japan will start assigning numbers to its citizens in late 2015. The My Number Act brought with it concern about the use of the numbers as a unique national ID. As a result, Japan will establish a new independent Data Protection Authority called the Specific Personal Information Protection Commission, and will consist of a Chairman and six commission members. The Chairman and Commissioners will be appointed by Japan's Prime Minister, and confirmed by Japan's National Diet. The Commission will oversee the use of the new Social Security and Tax system numbers. Unlike many national ID numbering systems, Japan did not set up a centralized database for the numbers due to concerns about data breach and privacy. Professor Hiroshi Miyashita from Japan's Chuo University, and an Advisor to the Consumer Affairs Agency (CAA) -- gave a talk Oct. 1 at a Privacy Laws & Business Asia Roundtable in London. He told PL& B that the new Commission is to "ensure the proper handling of personal numbers and other specific personal information, and provide guidance, advice and recommendations." Professor Miyashita said enforcement powers will be limited to requiring reports and conducting on-site inspections. Additional documents regarding the new DPA indicate that there will be a role for the Commission in overseeing release of personal information in disasters, and that the Commission will also issue guidance regarding the use of identifying numbers.
India's national biometric ID card -- In the May/June, 2013 issue of Foreign Policy Magazine, Pam Dixon writes about the privacy issues related to India's national biometric ID card. In the piece, Mission Creep, Dixon discusses how government-issued biometric ID cards that serve as national ID cards and as the basis for employment and financial transactions create profound civil liberties and privacy challenges that are neither easily or well-constrained by government policy.
Privacy in India and Developing Economies -- World Privacy Forum Executive Director Pam Dixon will present WPF's research and India privacy videos at the FTC - IAPP Global Privacy Conference workshop Wednesday, March 7. The session, Global Perspectives on Consumer Privacy, is the first session of its kind at IAPP or the FTC focused on privacy in developing economies. WPF has researched privacy extensively in India, and has documented a number of key privacy issues in a video series. So far, 5 videos in the series have been released. All of the videos were shot on location in India and feature Pam Dixon, with videographer Blake Hamilton. These videos offer a rare and early glimpse into privacy interactions and issues in India. WPF will be releasing one more video on biometric ID cards in India.
India and Privacy -- WPF has researched privacy extensively in India, and has documented a number of key privacy issues in a video series. So far, 5 videos in the series have been released. All of the videos were shot on location in India and feature Pam Dixon, with videographer Blake Hamilton. These videos offer a rare and early glimpse into privacy interactions and issues in India
This section reviews several other privacy self-regulatory activities that share some characteristics with the industry self-regulatory programs discussed above, but these activities differ in various ways. The most noticeable differences are the role of the government in the programs. The Department of Commerce is involved in the Safe Harbor Framework, and the Federal Trade Commission is involved in the Children’s Online Privacy Protection Act.
TACD -- The Trans Atlantic Consumer Dialogue (TACD), which WPF is a member of, has sent a letter regarding Internet privacy to a Congressional subcommittee explaining that European privacy controls are not burdensome, but rather of key importance. The TACD is a forum of more than 80 US and European consumer groups and represents several hundred million consumers in North America and the United States.
Comments on EASA --The World Privacy Forum submitted comments today on the European Advertising Standards Alliance's Best Practice Recommendation on Online Behavioural Advertising. Our comments focus upon three key areas: First, the EASA recommendation fails to recognize the protection of consumer privacy in Online Behavioral Advertising (OBA) as a key policy goal. Second, the recommendation's protections are narrow, creating illusory protections for user privacy, whether or not they opt out of OBA. Finally, we critique the oversight and compliance mechanisms, which are not likely to foster consumer confidence nor police the industry. Drawing upon the WPF's 2007 report, The NAI: Failing at Consumer Protection and at Self-Regulation, the comments argue that EASA's approach suffers from the same weaknesses as self-regulatory approaches deployed in the United States, and that European lawmakers should not replicate the failed American approach. Law students from the Samuelson Law, Technology & Public Policy Clinic helped draft the comments as part of an ongoing project on consumer privacy and OBA.
This report evaluates the US Department of Commerce’s international privacy programs, their efficacy, and their value to business and to consumers. The role of the Commerce Department has become more important in light of the Obama Administration's establishment of a Subcommittee on Privacy and Internet Policy in October 2010. The Subcommittee is chaired jointly by the Department of Commerce and the Department of Justice, and it is intended to promote “individual privacy,” among other things. [1] This report reviews, analyzes, and summarizes major international privacy activities of the Department of Commerce, with a focus on the Safe Harbor Framework established in 2000 with the European Union in response to the requirements of the EU Data Protection Directive. The report also considers briefly the Department’s work on the Asia Pacific Economic Cooperation (APEC) Privacy Framework.
