Our Work
Digital Library
Sort By
-
EDPB Orders Stop to Meta’s Behavioral Advertising
On October 27, the European Data Protection Board (EDPB) adopted an urgent binding decision that the Irish Data Protection Authority (DPA) must ban Meta from behavioral advertising in the European Economic Area by November 10th.
-
Big Data
-
Consumer Privacy
-
Data Protection
-
Enforcement of Privacy Laws
-
International Privacy
-
International Privacy Laws
-
Privacy Laws
-
Social Media Privacy
-
Updates
-
-
EPIC Urges UK ICO To Address Law Enforcement Use of Private Data/Systems, Security Issues, AI, and “Soft Biometrics” in Draft Biometric Data Guidance
In comments filed October 20th, EPIC urged the UK ICO's Identity and Trust Team (Technology Policy) to make updates to its draft biometric data guidance. In particular, we recommend that the guidance be expanded to (i) address the pervasive ties between law enforcement and private companies' biometric data and systems; (ii) establish baseline security standards for biometric processing, including a template risk assessment; and (iii) detail the risks of scale and scope of harm present where AI is integrated into biometric systems.
-
Data Protection
-
Enforcement of Privacy Laws
-
Face Surveillance & Biometrics
-
International Privacy
-
International Privacy Laws
-
Privacy in Public
-
Privacy Laws
-
Surveillance Oversight
-
Updates
-
-
Microsoft Adapts AI Governance Blueprint for India
Microsoft recently published a white paper adapting its AI Governance Blueprint for India, setting out policy ideas and recommendations tailored to India's governance and regulatory structure
-
AI Policy
-
Artificial Intelligence and Human Rights
-
Commercial AI Use
-
Data Protection
-
Government AI Use
-
International Privacy
-
Updates
-
-
India Passes Digital Personal Data Protection Bill
India's Digital Personal Data Protection Bill has passed both the upper and lower houses of Parliament and will soon be signed into law.
-
Data Protection
-
International Privacy
-
International Privacy Laws
-
Privacy Laws
-
Updates
-
-
European Commission Adopts Adequacy Decision for EU-U.S. Data Privacy Framework
The European Commission has formally adopted an adequacy decision for the EU-U.S. Data Privacy Framework (the Framework). U.S. and EU authorities developed the Framework to replace Privacy Shield, a data transfer framework which was deemed non-compliant with the GDPR in the Schrems II case.
-
Communications Privacy
-
Consumer Privacy
-
Data Protection
-
Enforcement of Privacy Laws
-
FISA Section 702
-
Intelligence Surveillance
-
International Privacy
-
International Privacy Laws
-
Privacy Laws
-
Surveillance Oversight
-
Updates
-
-
EPIC Awards Johnny Ryan, Beeban Kidron as EPIC International Privacy Champions
-
Children's Privacy
-
Data Protection
-
Enforcement of Privacy Laws
-
International Privacy
-
Updates
-
-
Ireland Fines Meta €1.2 Billion, Orders Halt of Personal Data Transfers to U.S.
ompany to suspend transfers of personal data to the United States within five months, finding that Meta’s transfers violation the EU’s General Data Protection Regulation.
-
Consumer Privacy
-
Data Protection
-
FISA Section 702
-
International Privacy
-
Surveillance Oversight
-
Updates
-
-
EPIC Comments on EU Metaverse Vision
-
Data Protection
-
Enforcement of Privacy Laws
-
International Privacy
-
International Privacy Laws
-
Privacy Laws
-
Updates
-
-
EU Parliament Approves AI Act, Urges Rejection of Transatlantic Data Framework
uropean Parliament held a series of meetings, resulting in adopting both the text of the AI Act and a resolution outlining risks and proposals for change in the currently-proposed EU-U.S. Data Privacy Framework.
-
AI in the Criminal Justice System
-
AI Policy
-
Artificial Intelligence and Human Rights
-
Commercial AI Use
-
Consumer Privacy
-
Data Protection
-
Enforcement of Privacy Laws
-
International Privacy
-
International Privacy Laws
-
Privacy Laws
-
Screening & Scoring
-
Web Scraping
-
Updates
-
-
Italy Bans ChatGPT and Begins Investigating Potential GDPR Violations by OpenAI
Yesterday, the Italian Data Protection Authority (DPA) issued an order under the GDPR requiring OpenAI to immediately stop processing local user data, effectively blocking ChatGPT until OpenAI complies with European data protection laws. The DPA’s order comes at a time of increased scrutiny over ChatGPT and similar generative A.I. models.
-
Artificial Intelligence and Human Rights
-
Commercial AI Use
-
Consumer Privacy
-
Enforcement of Privacy Laws
-
International Privacy
-
Updates
-
Support Our Work
EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.
Donate