7. Privacy & Applicable Laws
Note
Indicator Requirement: "Digital public goods must be designed and developed to comply with privacy and other applicable laws."
For this indicator, you must provide a link to the privacy policy, terms of service, or other relevant legal documentation of your digital solution. As more and more social and economic activities take place online, the importance of privacy and data protection is increasingly recognized. Of equal concern is the collection, use and sharing of personal information with third parties without notice or consent of consumers. Applicants are encouraged to provide a list of the relevant laws that the digital solution complies with, in the relevant jurisdiction. A good way to provide evidence of this is to:
- Visit the data protection and privacy legislation worldwide website.
- Select the country of choice in the dropdown menu.
- Click on the plus (+) icon to get more details.
- Choose the "data protection and privacy laws" category.
- Identify all laws applicable to you.
- State any privacy laws you comply with in your application.
- Provide a link to your project's or organization's privacy policy (you can use this tool to generate one), which should make mention of the laws complied with.
Below are some privacy and applicable law recommendations.
Data Protection and Privacy Laws
- General Data Protection Regulation (GDPR): Applies to businesses that handle the personal data of EU residents.
- California Consumer Privacy Act (CCPA): Protects the privacy rights of residents of California.
- Health Insurance Portability and Accountability Act (HIPAA): For products handling healthcare data in the U.S.
- Children’s Online Privacy Protection Act (COPPA): Governs the online collection of personal information from children under 13 in the U.S.
Intellectual Property Laws
- Copyright Law: Protects original works of authorship such as software code, images, and written content.
- Trademark Law: Protects brand names, logos, and other identifiers.
- Patent Law: Protects inventions and certain types of software innovations.
Consumer Protection Laws
- Federal Trade Commission (FTC) Act: Prohibits unfair or deceptive practices in commerce in the U.S.
- Electronic Commerce (EC Directive): Provides a legal framework for online services in the EU.
- Consumer Rights Directive: Enhances consumer rights in the EU, particularly with regard to digital content and distance selling.
Accessibility Laws
- Web Content Accessibility Guidelines (WCAG): Provides guidelines to ensure digital products are accessible to all users, often mandated by law.
- European Accessibility Act (EAA): Requires all public sector websites and mobile apps to comply with WCAG 2.1 Level AA standards.
- Americans with Disabilities Act (ADA): Requires web and mobile applications to be accessible to people with disabilities in the U.S.
Security Standards and Regulations
- Payment Card Industry Data Security Standard (PCI DSS): For companies that handle credit card information.
- Cybersecurity Information Sharing Act (CISA): Encourages sharing of internet security threats among U.S. companies and government.
Telecommunications and Electronic Communications Laws
- CAN-SPAM Act: Regulates commercial email in the U.S.
- EU Directive on Privacy and Electronic Communications: Addresses issues such as spam and cookies in the EU.
Digital Rights Management and Licensing
- Digital Millennium Copyright Act (DMCA): Provides legal protection for digital rights management (DRM) and addresses copyright infringement.
Industry-Specific Regulations
- Financial Industry Regulatory Authority (FINRA): For products dealing with financial services in the U.S.
- Food and Drug Administration (FDA): For digital products related to health and wellness in the U.S.
International Trade Regulations
- Export Administration Regulations (EAR): Controls the export of certain software and technology from the U.S.
- EU Regulations on the Export of Dual-Use Items: Similar controls within the EU.
Advertising and Marketing Laws
- Advertising Standards Authority (ASA): Regulates advertising in the UK.
- FTC Advertising Guidelines: Ensures truth in advertising in the U.S.
Tip
Here's a collection of extra resources and helpful links curated by the DPGA and the DPG community you can explore or contribute to.
Digital Public Goods (DPGs) are open-source software, open data, open AI systems, and open content collections that adhere to privacy and other applicable laws and best practices, do no harm, and help attain the Sustainable Development Goals (SDGs). If you have any questions regarding the DPG application process or anything else, you can ask the DPG Community directly for guidance or send us an email; we're available to help you.