International Privacy

  • EPIC Urges European Commission to address surveillance gaps in First Periodic Review of EU-US Data Privacy Framework

    September 5, 2024

    EPIC filed comments with the European Commission urging the Commission to address surveillance gaps in the EU-US Data Privacy Framework and protect the privacy rights of EU residents.

    • Data Protection

    • FISA Section 702

    • International Privacy

    • Surveillance Oversight

    • Updates

  • It’s Time for Courts to Tackle AI Harms with Product Liability

    July 25, 2024

    After this past Supreme Court term, federal agencies' ability to regulate AI is up in the air. But AI regulatory efforts in Europe show us that agencies aren't the only way to regulate this technology. Our courts have a role to play too, and product liability may just be a path forward.

    • AI Policy

    • Artificial Intelligence and Human Rights

    • Commercial AI Use

    • Data Protection

    • International Privacy

    • Analysis

  • EPIC and 48 Civil Society Organizations Send Joint Statement to New EU Presidency to Withdraw CSA Regulation that Would Break Encryption.

    July 2, 2024

    EPIC and 48 civil society organizations sent a joint statement to the new president of the EU reiterating our concerns over the proposed

    • Cybersecurity

    • Data Protection

    • Encryption

    • International Privacy

    • Updates

  • EPIC Awards the Tire Meu Rosto da Sua Mira Campaign as EPIC International Privacy Champions

    May 29, 2024

    • Data Protection

    • Democracy & Free Speech

    • Face Surveillance & Biometrics

    • International Privacy

    • International Privacy Laws

    • Privacy & Racial Justice

    • Privacy in Public

    • Privacy Laws

    • Surveillance Oversight

    • Updates

  • Generating Harms

    May 14, 2024

    • Access to Information

    • AI in the Criminal Justice System

    • AI Policy

    • Artificial Intelligence and Human Rights

    • Big Data

    • Children's Privacy

    • Commercial AI Use

    • Communications Privacy

    • Competition and Privacy

    • Consumer Privacy

    • Cybersecurity

    • Data Brokers

    • Data Protection

    • Data Security

    • Democracy & Free Speech

    • Election Security

    • Enforcement of Privacy Laws

    • Government AI Use

    • Government Records & Privacy

    • Health Privacy

    • International Privacy

    • International Privacy Laws

    • Online Harassment

    • Privacy Laws

    • Proposed U.S. Legislation

    • Robocalls

    • Screening & Scoring

    • Social Media Privacy

    • Student Privacy

    • U.S. Privacy Laws

    • U.S. State Privacy Laws

    • Web Scraping

    • Workplace Privacy

  • Comments of EPIC to the Office of the Privacy Commissioner of Canada Regarding the Update to Guidance on Handling Biometric Information

    May 1, 2024

    By notices published October 11, 2023, the Office of the Privacy Commissioner of Canada (“OPC”) has solicited input on its guidance for both public1 and private2 sector organizations handling biometric information, to close on January 12, 2024.3 These guidance documents are intended to update the biometrics guidance first published in 2011 and address evolutions in biometric technology and use as well as addressing how both the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and the Privacy Act intersect with biometric information processing. Pursuant to the request for input on the updated guidance documents, the Electronic Privacy Information Center (“EPIC”) submits the following comments. 

    • Data Protection

    • Face Surveillance & Biometrics

    • International Privacy

    • Surveillance Oversight

    • Comments

  • EPIC Urges UK ICO to Prohibit “Consent or Pay” Business Models

    April 22, 2024

    On April 17, EPIC submitted comments to the UK ICO on its call for views relating to “Consent or Pay” business models. In its comments, EPIC urged the ICO to prohibit the use of the facially illegal business model due to the clear violation of the UK GDPR’s definition of consent.

    • Big Data

    • Consumer Privacy

    • Data Protection

    • International Privacy

    • International Privacy Laws

    • Privacy Laws

    • Updates

  • EPIC Comments to DOJ Regarding ANPRM on Access to Americans’ Bulk Sensitive Personal Data and Government Related Data by Countries of Concern

    April 22, 2024

    The Electronic Privacy Information Center (EPIC) submits these comments in response to the Department of Justice’s (DOJ) Advance Notice of Proposed Rulemaking (ANPRM) on Provisions Regarding Access to Americans' Bulk Sensitive Personal Data and Government-Related Data by Countries of Concern, published on March 5, 2024,1 which responds to President Biden’s Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (EO 14117).2

    • Consumer Privacy

    • Data Brokers

    • Data Protection

    • Intelligence Surveillance

    • International Privacy

    • Location Tracking

    • Surveillance Oversight

    • APA Comments

  • EPIC Comments to UK ICO Call for Views on “Consent or Pay” Business Models

    April 22, 2024

    By notice published March 6, 2024, the United Kingdom’s Information Commissioner’s Office (“UK ICO” or “the ICO”) has called for views regarding “consent or pay” business models (hereinafter “the Consultation”) to close on April 17, 2024.[1] This Consultation is intended to address an emerging business model where individuals are blocked from accessing a website unless they consent to their personal information being processed for the purpose of targeted advertising, or, as the ICO puts it, “pay a fee and not be tracked.”

    • Consumer Privacy

    • Data Protection

    • International Privacy

    • International Privacy Laws

    • Privacy Laws

    • Web Scraping

    • Comments

  • What U.S. Regulators can Learn from the EU AI Act

    March 22, 2024

    On March 13, the European Union Parliament passed the Artificial Intelligence Act (“AI Act” or “the Act”), taking the penultimate step in a years-long legislative process. Originally proposed in early 2021, the sweeping, harms-based Act categorizes artificial intelligence systems by preconceived risks to fundamental rights, public safety, and public health into prohibited, high-risk, or low or no-risk systems.

    • AI Policy

    • Artificial Intelligence and Human Rights

    • Data Protection

    • Face Surveillance & Biometrics

    • International Privacy

    • Surveillance Oversight

    • Analysis