Related Insights

CDT’s Comment on Apprehension, Processing, Care, and Custody of Alien Minors and Unaccompanied Alien Children

Data collected for the purpose of assessing the suitability of a sponsor should not be repurposed for enforcement; a program designed to focus on child welfare should not be co-opted for enforcement. Parents and family members are put in an impossible position: choose separation from your child or relative, or risk alerting ICE to you and your housemates’ presence.

Read More

Comments to LADOT on Privacy & Security Concerns for Data Sharing for Dockless Mobility

We wrote to urge the Los Angeles Department of Transportation (LADOT) to further evaluate and implement safeguards for its data sharing requirements for dockless mobility permit holders. The current Mobility Data Specification gives LADOT access to highly sensitive and potentially identifiable location info, both historically and in real time to a greater degree than the existing General Bikeshare Feed Specification.

Read More

CDT Comments to National Telecommunications and Information Administration (NTIA) on Advancing Consumer Privacy

We appreciate the NTIA’s recognition that companies should embrace longstanding Fair Information Practice Principles (FIPPs), as well as internal accountability and risk management efforts, but the administration must advance a legislative proposal for a federal privacy framework that additionally prohibits intrusive and unfair data collection and use.

Read More

Signals of Trustworthy VPNs – Questions for VPN Services

A list of questions that a trustworthy VPN service should be able to answer honestly, clearly, and thoroughly, signaling the provider’s commitment to earning user trust. The goal of these questions is to improve transparency among VPN services and to provide a way for users to easily compare privacy, security, and data use practices.

Read More

Unedited Answers: Signals of Trustworthy VPNs

CDT has been working with a number of VPNs to promote better practices. Below is a list of questions that a number of VPN services have answered, and we are publishing unedited, in regards to their corporate accountability and business models, privacy practices, and security protocols and protections. The VPNs that have agreed to contribute to this project are: ExpressVPN, IVPN, Mullvad, TunnelBear, and VyprVPN.

Read More

CDT Comments to FTC: Boosting Privacy by Design and Data Security Guidance

The following comments to the FTC address (1) how the Commission can use its Section 5 authority to address the role of design in privacy, (2) the Commission’s rulemaking and enforcement under COPPA, (3) the tools and resources necessary for the Commission to effectively hold industry accountable, and (4) recommendations for developing the Commission’s data security regime.

Read More