Privacy for All

Privacy should be a right for everyone, everywhere. Join our global movement for privacy rights.

Why is data privacy the foundation of trustworthy AI?

At Mozilla, we have worked hard for decades to protect your privacy online. But what does our privacy look like in a world increasingly dominated by AI? Our online footprint can reveal a lot about us – everything from our live location or child’s school to our personal dating preferences and political affiliations. AI is making it even easier to extract sensitive inferences from our personal data, making this data an increasingly valuable digital currency for companies to ruthlessly exploit for profit. A lack of comprehensive privacy laws in key markets like the U.S. means that there’s nothing to stop companies from maximizing their data collection efforts to build AI systems and secure a competitive advantage.

Today’s AI is built on massive amounts of data. Our data. To regulate AI meaningfully, we therefore have to address how companies collect, retain and sell on this data. Policymakers around the world, alarmed by the “datafication” of our lives, are increasingly realizing that AI and privacy are inextricably linked. The EU’s landmark AI Act, for example, makes over 30 references to its existing privacy regulations - the General Data Protection Regulation (GDPR). Data privacy laws are the foundation of effective AI regulation.

null
pr:vacy for a//

AI posing as a human being when interacting with me is increasingly obnoxious and dishonest but is considered an inevitable and legit avenue of "progress"

—survey respondent

But such privacy protections do not exist everywhere. The global movement for consumer privacy rights that began with the passage of GDPR in 2016 has had very different impacts around the world. Some countries adopted almost identical replicas of the GDPR, without the same resourcing or enforcement infrastructure. And in the U.S., political gridlock at the federal level has resulted in a patchwork of state-level protections of varying strengths.

The lack of privacy laws in the U.S. and other large markets means that people around the world remain unprotected – even if they live somewhere with a privacy law. For example, in 2022 alone there were over 1,800 data breaches in the U.S., affecting over 400 million people worldwide. The reality is, weak or nonexistent privacy laws in one part of the world mean that everyone is vulnerable.

That is why the movement for data privacy must be relentless until we truly have “privacy for all.” This is a global movement to take back our power and ensure privacy is a right for everyone, regardless of where they live. This means establishing privacy laws where they do not exist, and where they do exist, making sure they remain strong, protected and enforced. Otherwise, we can expect large, multinational companies to set the agenda – either by supporting weak laws, negotiating down their obligations, or pushing limited enforcement of regulations on AI.

We believe the most important place to start is the U.S., as its combination of large AI companies and weak federal standards on privacy are creating conditions that are ripe for exploiting people's privacy. By passing a strong federal privacy bill, Americans and people around the world won't be dependent on an inconsistent patchwork of state-level protections.

A company must share with me all data they have about me and be willing and able to make corrections.

—survey respondent

null

See how you can Take Action now

Demand Privacy for All: Support a Federal Privacy Law in the U.S.

* indicates a required field









Why is data privacy the foundation of trustworthy AI?

At Mozilla, we have worked hard for decades to protect your privacy online. But what does our privacy look like in a world increasingly dominated by AI? Our online footprint can reveal a lot about us – everything from our live location or child’s school to our personal dating preferences and political affiliations. AI is making it even easier to extract sensitive inferences from our personal data, making this data an increasingly valuable digital currency for companies to ruthlessly exploit for profit. A lack of comprehensive privacy laws in key markets like the U.S. means that there’s nothing to stop companies from maximizing their data collection efforts to build AI systems and secure a competitive advantage.

Today’s AI is built on massive amounts of data. Our data. To regulate AI meaningfully, we therefore have to address how companies collect, retain and sell on this data. Policymakers around the world, alarmed by the “datafication” of our lives, are increasingly realizing that AI and privacy are inextricably linked. The EU’s landmark AI Act, for example, makes over 30 references to its existing privacy regulations - the General Data Protection Regulation (GDPR). Data privacy laws are the foundation of effective AI regulation.

null
pr:vacy for a//

AI posing as a human being when interacting with me is increasingly obnoxious and dishonest but is considered an inevitable and legit avenue of "progress"

—survey respondent

But such privacy protections do not exist everywhere. The global movement for consumer privacy rights that began with the passage of GDPR in 2016 has had very different impacts around the world. Some countries adopted almost identical replicas of the GDPR, without the same resourcing or enforcement infrastructure. And in the U.S., political gridlock at the federal level has resulted in a patchwork of state-level protections of varying strengths.

The lack of privacy laws in the U.S. and other large markets means that people around the world remain unprotected – even if they live somewhere with a privacy law. For example, in 2022 alone there were over 1,800 data breaches in the U.S., affecting over 400 million people worldwide. The reality is, weak or nonexistent privacy laws in one part of the world mean that everyone is vulnerable.

That is why the movement for data privacy must be relentless until we truly have “privacy for all.” This is a global movement to take back our power and ensure privacy is a right for everyone, regardless of where they live. This means establishing privacy laws where they do not exist, and where they do exist, making sure they remain strong, protected and enforced. Otherwise, we can expect large, multinational companies to set the agenda – either by supporting weak laws, negotiating down their obligations, or pushing limited enforcement of regulations on AI.

We believe the most important place to start is the U.S., as its combination of large AI companies and weak federal standards on privacy are creating conditions that are ripe for exploiting people's privacy. By passing a strong federal privacy bill, Americans and people around the world won't be dependent on an inconsistent patchwork of state-level protections.

A company must share with me all data they have about me and be willing and able to make corrections.

—survey respondent

null

See how you can Take Action now