Analysis

  • Judge in California Age-Appropriate Design Code Case Gets the First Amendment Wrong—Again

    March 14, 2025

    Yesterday, a federal judge issued a second preliminary injunction against California’s Age-Appropriate Design Code (“CAADC”). The judge's First Amendment analysis flouted directions from the Ninth Circuit and the Supreme Court to more critically examine Big Tech’s demands for broad relief from regulation. The decision erroneously questions the constitutionality of every law giving kids special protections online—including the long-standing Children’s Online Privacy Protection Act (“COPPA”).

    • Age Assurance

    • Children's Privacy

    • Data Protection

    • Platform Accountability & Governance

    • Platform Governance Laws & Regulations

    • Privacy Laws

    • The First Amendment

    • U.S. State Privacy Laws

    • Analysis

  • Trump Administration’s Attacks on the CFPB Threaten Privacy, Data Security, and the Stability of the Financial Industry

    March 7, 2025

    Since its founding in 2011, the Consumer Financial Protection Bureau has been a champion for consumers in the financial services industry. The Bureau has returned over $21 billion to consumers in its 14 years of operation. Yet the Trump Administration has launched a full-scale attack on the CFPB over the past month, putting the Project 2025 goal of eliminating the CFPB into action.

    • Consumer Privacy

    • Cybersecurity

    • Data Brokers

    • Data Protection

    • Data Security

    • Government Records & Privacy

    • Privacy Laws

    • U.S. Privacy Laws

    • Analysis

  • Seems a bit DOGE-y: Protecting Federal Worker Rights in an Era of AI-Driven Employment Decisions

    March 6, 2025

    In the last month and a half, the Trump Administration has systematically gutted the federal workforce. However, the Administration’s latest assault brings federal workers a new concern: that they will be fired by an algorithm. his blog post provides an overview of a federal worker’s rights when faced with termination, the problems with using automated decision-making tools to conduct terminations, and how those tools may violate worker’s rights.

    • Artificial Intelligence and Human Rights

    • Data Protection

    • Government AI Use

    • Screening & Scoring

    • Workplace Privacy

    • Analysis

  • Scraping for Me, Not for Thee: Large Language Models, Web Data, and Privacy-Problematic Paradigms

    February 27, 2025

    More than just hypocrisy (though that as well), the supposed reaction to DeepSeek’s model speaks to a troubling AI company argument—one that positions mass web scraping and large-scale data ingestion, sans consent, as a necessity, and an act in which only the companies themselves are entitled to partake.

    • AI Policy

    • Artificial Intelligence and Human Rights

    • Commercial AI Use

    • Consumer Privacy

    • Cybersecurity

    • Data Brokers

    • Data Minimization

    • Data Security

    • Government AI Use

    • Platform Accountability & Governance

    • Social Media Privacy

    • Web Scraping

    • Analysis

  • Kroger’s Surveillance Pricing Harms Consumers and Raises Prices, With or Without Facial Recognition

    February 14, 2025

    Every time you step into a grocery store, you step into a machinery of data that tracks, analyzes, shares, and influences your shopping behavior. Based on shopping history and data shared from data brokers—including internet browsing history and online purchases—grocery stores may infer your age, gender, race, economic status, family makeup, health conditions, or other lifestyle characteristics.

    • Consumer Privacy

    • Data Brokers

    • Data Minimization

    • Online Advertising & Tracking

    • Analysis

  • Paying for Iris Scans: AI-Fueled Surveillance Harms

    February 6, 2025

    Hype about AI research and development is driving companies to buy people’s data where they otherwise weren’t and, conversely, to sell people’s (including customers’ and users’) data where they otherwise wouldn’t. These practices are harmful already. And their acceleration by the AI craze is poised to rapidly increase data-sharing, -selling, and -monetization threats to privacy in the coming years. This enables the repeat exploitation of people’s data and causes especially pronounced harm to vulnerable people and communities.

    • AI Policy

    • Artificial Intelligence and Human Rights

    • Commercial AI Use

    • Data Protection

    • Face Surveillance & Biometrics

    • Health and Reproductive Privacy

    • Surveillance Oversight

    • Analysis

  • These Pregnancy Apps May Be Sources for a Location Data Broker

    January 30, 2025

    Russian hackers posted on the dark web in early January with a news-making claim: they had breached notorious location data broker Gravy Analytics. On top of leaking a sample of phone pings in the White House, the Kremlin, and Vatican City, the hackers revealed another troubling possibility: the broker extracting data from a host of pregnancy and reproductive health apps.

    • Consumer Privacy

    • Data Brokers

    • Data Protection

    • Health and Reproductive Privacy

    • Analysis

  • In Hearing, Judge Seemed Torn on NetChoice’s Renewed First Amendment Attack on California’s Age-Appropriate Design Code

    January 24, 2025

    In a hearing yesterday on NetChoice’s second motion for a preliminary injunction against California’s Age-Appropriate Design Code (CAADC), Judge Beth Labson Freeman appeared far more skeptical of the trade association’s First Amendment arguments than the first time she ruled on the constitutionality of the law.

    • Age Assurance

    • Platform Accountability & Governance

    • Platform Governance Laws & Regulations

    • Privacy Laws

    • Section 230

    • The First Amendment

    • U.S. State Privacy Laws

    • Analysis

  • In TikTok v. Garland, Supreme Court Sends Good Vibes for Privacy Laws, But Congress’s Targeting of TikTok Alone Won’t Do Much to Protect Privacy

    January 17, 2025

    We need protections from all tech companies, not just TikTok, and we can only achieve that through a strong, comprehensive federal privacy law, vigorous antitrust enforcement, and other regulatory measures that apply to all companies exploiting our personal data. But overexpansive First Amendment interpretations pushed by the tech industry are a dangerous obstacle to the types of laws necessary to truly protect Americans’ privacy rights. In taking a more cautious First Amendment stance, the Supreme Court signaled the general viability of privacy and online safety laws.

    • Consumer Privacy

    • Data Protection

    • International Privacy Laws

    • Platform Accountability & Governance

    • Privacy Laws

    • The First Amendment

    • U.S. Privacy Laws

    • Analysis

  • What is Real Time Bidding?

    January 15, 2025

    Real Time Bidding (RTB) is an online advertising auction that uses sensitive personal information to facilitate the process to determine which digital ad will be displayed to a user on a given website or application. It happens 178 trillion times every year across the U.S. and Europe.

    • Consumer Privacy

    • Data Brokers

    • Data Protection

    • Online Advertising & Tracking

    • Analysis