iapp.org

The EU AI copyright playbook: The TDM exception and AI Act's transparency requirements

Artificial intelligence has uprooted traditional copyright protections, testing the limits of the current legal framework. This upheaval stems from the vast amount of information used to train AI ...
iapp.org

Data Act: Mapping the Interplays with the GDPR

This infographic is part of a series that maps different EU digital laws with the GDPR. The full series can be accessed here. The EU Data Act creates new rules on who can access and use data generated ...
iapp.org

What 2026 may bring for Canada's federal privacy reform efforts

Efforts to pass Canada's federal private-sector privacy law modernization bill were derailed last year by the resignation of former Prime Minister Justin Trudeau and a snap general election afterward ...
iapp.org

FTC policy statement signals COPPA enforcement flexibility around age verification practices

The U.S. Federal Trade Commission is signaling a notable shift in how it expects companies to approach children's privacy compliance, encouraging organizations' broad deployment of age verification ...
iapp.org

Data protection law in India and Vietnam: A discussion with Charmian Aw

While attending the IAPP U.K. Intensive 2026 in London, IAPP Editorial Director Jedidiah Bracy sat down with Hogan Lovells Partner Charmian Aw to discuss for this podcast the latest developments in ...
iapp.org

Notes from the IAPP Europe: A February in the lives of European privacy regulators

The IAPP is policy neutral. We publish contributed opinion pieces to enable our members to hear a broad spectrum of views in our domains. Artificial intelligence has been a well-established discussion ...
iapp.org

Personal data as dual-use technology: Privacy professionals face new export controls

A growing number of U.S. legal initiatives now treat personal data as a “dual-use” technology—an asset that can be exploited not only for commercial purposes but also for intelligence and national ...
iapp.org

Agentic AI and Automation Governance: Practical Controls for Data Risk

In enterprises environments, the biggest automation and AI risk is not “AI hype.” It is unmonitored Python running across endpoints and teams, quietly touching company data through internal APIs, ...
iapp.org

AI Governance Profession Report 2025

Take part in this year’s IAPP Governance Survey to share your experience and receive actionable insights you can use in your day-to-day role. This year’s survey looks at privacy governance, compliance ...
iapp.org

The half-baked future of cookies and other tracking technologies

Beware of the cookie! Accept all cookies. Functional or necessary cookies? Toggle analytics cookies. Death of the third-party cookie. Privacy professionals have been ...
iapp.org

EU Cyber Resilience Act: 101

This resource explores the EU Cyber Resilience Act, which establishes uniform cybersecurity requirements for products with digital elements across the EU. This resource is additionally part of a ...
iapp.org

European Commission proposes significant reforms to GDPR, AI Act

Less than a decade after the enactment of the European Union’s gold standard General Data Protection Regulation, the European Commission released its Digital Omnibus Regulation Proposal and Digital ...