De-Identification Should be Relevant to a Privacy Law, But Not an Automatic Get-Out-of-Jail-Free Card

Stakeholders recommend exempting de-identified data, which includes anonymized, pseudonymized, and aggregated information, from the scope of privacy legislation. However, completely exempting these types of data is not just untenable; it is dangerous. In some cases de-identification fails to hide individual identities, and does not always prevent harms to groups of people. So what is the policy solution? In this post, we make three key recommendations.

Read More

The GDPR's Impact on Innovation Should Not Be Overstated

Protecting individuals’ privacy is far too often pitted against innovation and economic interests. However, this doesn’t have to be the case: strong privacy laws can establish clearer ground rules that level the playing field for businesses large and small and protect individuals from unfair, surprising, and privacy-invading practices. Thus far, the evidence that GDPR has hurt small- and medium-sized businesses is anecdotal and ultimately inconclusive.

Read More

Three Lessons in Content Moderation from New Zealand and Other High-Profile Tragedies

Details about how tech companies handled the shooter’s video and written manifesto, in combination with the public discourse on and reaction to the attacks, have made clear three fundamental facts about content moderation: automated content analysis is not a magic wand; the scale, speed, and iterative nature of online content is enormous; and we need much greater transparency.

Read More

Pennsylvania Is Taking Election Security Seriously

This time last year, Pennsylvania received a horrible grade in the Center for American Progress report on Election Security in All 50 States. Over the last year, the state has made significant improvements. More states can benefit from the approach that Pennsylvania took to developing its election security plan. Convening a diverse panel of experts to adapt industry best practices for local needs, and then codifying them into a series of recommendations, provides lawmakers with a blueprint for developing a long-term strategy.

Read More

What EU Lawmakers Mean When They Talk About Copyright (Hint: They Don’t Mean Your Copyright)

There is just no way for any online content sharing service provider (OCSSP) to even identify all rightsholders whose content may appear on their site, much less enter into licensing negotiations with them. Article 13 will lead the EU and all OCSSPs who wish to operate there toward a closed web, dominated by the works of major rightsholders and putting independent creators at a disadvantage. We urge MEPs reject the proposed text on Article 13.

Read More

Balancing the Scale of Student Data Deletion and Retention in Education

Deleting data is harder than you might think, and we’ve created some guidance about how to manage this complex task in an education context. We hope that the tools we provide can serve as starting points for practitioners to build robust data management in their own organizations, so that they can get the most out of their data while protecting their students.

Read More