Legitimate Processing Invented here in the U.S.
Privacy law began in the United States when Congress enacted the Federal Fair Credit Reporting Act (“FCRA”) in 1970. While framed as a consumer protection law, it was most certainly fair processing legislation. FCRA established rights of access, correction, and accuracy, but most importantly it created the concept of permissible purpose. The concept of permissible purpose is the seed for international concepts such as legal basis to process and legitimate use.
In writing the IAF’s response to the U.S. Government’s request for comments on “Developing the Administration’s Approach to Consumer Privacy,” the IAF reached back to those early concepts
, and applied them more broadly to the observational world we live in today.
You may find the IAF comments here.
The IAF as a research organization will continue to participate in the development of a U.S. privacy framework that creates guiderails for data driven innovation and prosperity, encourages fair processing, and is interoperable with global approaches.