Privacy News: January 26

State and federal privacy regulation, facial recognition, what's on tap for 2023 ... and more!

A red and orange neon sign with the word "news"

State and federal privacy regulation, facial recognition, what's on tap for 2023, a failed experiment with Mastodon ... and more!

This Year’s Must-Read Privacy Papers to be Honored at Capitol Hill Event

Future of Privacy Forum (

Future of Privacy Forum (FPF) does an annual list of Privacy Papers for Policymakers (PPPM) Awards.  Here's this year's winners:

And the best student papers:

Congrats to all the winners ... and wow, what a great reading list!

Facial recognition

She was denied entry to a Rockettes show — then the facial recognition debate ignited

Manuela López Restrepo on NPR (

It's a good article, with quotes from Evan Greer of Fight for the Future, law professor Hannah Bloch-Wehba, and Albert Fox Cahn of Surevillance Technology Oversight Project, but the framing is kind of weird

When a lawyer was denied entry to a Rockettes show, it became a flashpoint in the debate over facial recognition technology. Does it keep people safe, or risk further harm?

The fight over facial recognition technology's been going on for a long time ... and how does keeping a lawyer who's sued the Rockettes' parent company from seeing one of their shows actually keep people safe?  Still, like I say, a good article!

South Korea privacy watchdog warns against public facial recognition deployments

Alessandro Mascellino on (

The warning comes amidst a plan to introduce an access control system in government buildings designed to bind civil servant ID cards to face biometrics.

State privacy legislation

US State Privacy Legislation Tracker

Anokhy Desai, CIPP/US, CIPT on

This useful tool tracks proposed comprehensive US state privacy bills.  

Potential Rulemaking on the Horizon: CPPA Board Announces February Public Meeting

Alan L. Friel on The National Law Review (

The California Privacy Protection Agency Board announced it will hold a public meeting on February 3, 2023.

A very encouraging first step: My Health My Data’s first hearing

Jon Pincus on The Nexus of Privacy (

You'd think that there would be more coverage of a health data bill that responds to over 50% of the people in the US losing their rights ... but as far as I can tell, almost nobody wrote about My Health My Data's first hearing.  Interesting.  


Federal privacy legislation

Webinar: The Future of Data Privacy and Security in the 118th Congress

Today at 1:00 PM Pacific time

Tim Kurth, Chief Counsel, Innovation, Data, and Commerce Subcommittee, House Energy & Commerce Committee – Majority
Lisa Hone, Chief Counsel, Innovation, Data, and Commerce Subcommittee, House Energy & Commerce Committee – Minority

– [Moderator] Cristiano Lima, Reporter, The Washington Post
Alexandra Reeve Givens, President & CEO, Center for Democracy and Technology
Brandon Pugh, Director and Senior Fellow, Cybersecurity & Emerging Threats, R Street Institute
Cameron F. Kerry, Ann R. and Andrew H. Tisch Distinguished Visiting Fellow, Governance Studies, Center for Technology Innovation at The Brookings Institution

Webinar: What Will It Take for Congress to Pass Bipartisan Privacy Legislation?

on Innovation Technology and Information Forum (itiforg)

Another webinar, this one hosted by a tech industry trade assocation, on Tuesday, February 7, 2023 at 11:00 am Pacific time (2:00 Eastern).  Representative Jan Schakowsky (D-IL) will speak, and then Ashley Johnson of ITIF will moderate a panel with Eric Null of Center for Democracy & Technology and Divya Sridhar of SIIA (the security industry trade assocation)

Privacy in 2023

A look at what to expect for privacy in 2023 with Omer Tene

on International Association of Privacy Professionals (

IAPP Editorial Director Jedidiah Bracy sat down with former IAPP Managing Director Omer Tene to discuss what he thinks will be some of the biggest developments in privacy in 2023.

Global Privacy State of Play: What to Pay Attention to in 2023

Dr. Gabriela Zanfir-Fortuna on

What to pay attention to this year in privacy?  Enforcement; the race to AI Regulation; intertwining  of competition and data drotection law; regulatory movements in India, Argentina, Australia, Canada, and South Korea

Organizations Must Brace for Privacy Impacts This Year

J. Trevor Hughes on Dark Reading (

Expect more regulatory and enforcement action in the US and around the world.


We tried to run a social media site and it was awful

Bryce Elder on the Financial Times

Financial Times' Alphaville blog set up a Mastodon server a couple months ago and opened up registration to everybody. What could possibly go wrong?  Compliance, security, operational, and especially legal risks – and a lot more work than they expected.

[T]o summarise, Mastodon has proved more hassle than it’s worth.

So they're announcing the shutdown of (although giving people three months to migrate to another site). Easy come, easy go.

And ...

TikTok’s New Defense in Washington: Going on the Offense

Cecilia Kang, Sapna Maheshwari and David McCabe on the New York Times  (

Keeping its head down has not paid off for the company, which now faces regulatory pressure on many fronts. So it is starting to speak out.

Head of Israeli Cyber Firm NSO Group Reaffirms Company Commitment to Spyware

Byron Tau and Dustin Volz on The Wall Street Journal (

Yaron Shohat acknowledges past mistakes, but says the technology is vital for law-enforcement and intelligence agencies.

Amazon’s Trickle-Down Monopoly

Moira Weigel on Data & Society (

Hidden intermediaries have played key roles in making Amazon one of the most powerful corporations in the world, while remaining mostly invisible to customers: third-party (3P) sellers.

Defending Data: Privacy Protection, Independent Researchers, and Access to Social Media Data in the US and EU

Caitlin Vogus on Center for Democracy and Technology (

Legal requirements that social media companies make data available to independent researchers should not inadvertently become tools for unjustified and increased law enforcement surveillance of social media users. This report examines existing legal protections for stored social media data in the US and EU and how they might be impacted by researcher access to social media data.

AI governance and human rights

Kate Jones on Chatham House – International Affairs Think Tank (

Resetting the relationship

How to hide from drones and swerve everyday surveillance

Serena O’Sullivan on (

Biometric cameras collect your facial data everywhere, from mall cameras to flying drones. Not sure how to hide from drones? Use these tips.

Protect independence of privacy watchdog, EU Parliament to tell Greece

Sarantis Michalopoulos on EURACTIV (

Reality Check: How is the EU ensuring data protection in XR Technologies?

Sebastião Barros Vale on The Digital Constitutionalist  (

Extended reality (XR) technologies rely on large quantities of varied data about users and their environment, creating risks to their fundamental rights. e of their important role in enabling immersive experiences, which promise…

The year in UK GDPR regulatory enforcement action

Richard Jeens, Ross O’Mahony and Alex Buchanan on Privacy Laws & Business (

The ICO’s approach to enforcement is still risk-based, but increasingly targeted

Why universities need to build a culture around data and privacy

on EdScoop (

On the Cutting EDge podcast, the Rochester Institute of Technology’s Ben Woelk previews his new Educause workshop on data and privacy.

5 iPhone features you should enable for better privacy

Jim Martin on Tech Advisor (

Apple provides many ways to protect your privacy, but are you using them? Here’s how to check.

Data Privacy Day: 15 Tips to Keep in Mind for the Coming Year

Odia Kagan on JD Supra (

Data Privacy Day is this weekend. Here are some tips and pointers individuals and businesses should keep in mind going forward.

EU Takes Step Toward Approval of EU-US Data Privacy Framework

David Aaron on JD Supra (

As U.S.-based companies await a decision by the European Union (EU) regarding data transfers, the European process for approving the EU-U.S. data privacy framework has progressed a step.

#DataPrivacyWeek: Data Privacy Breeds Trust – Here’s Why

Russell Howe on Infosecurity Magazine (

Respecting your customers data choices can have big commercial benefits

Image credit: Daquella manera on Flickr via Wikipedia Commons.  licensed under the Creative Commons Attribution 2.0 license.