Cobun Zweifel-Keegan, CIPP/US, CIPM
Cobun Zweifel-Keegan is the Managing Director of IAPP, Washington, D.C. Through this role, Cobun works to integrate the diverse voices of privacy professionals into the evolving tech policy conversation, engaging with business representatives, civil society, congressional leaders, and federal government stakeholders.
Prior to returning to IAPP, Cobun served as Deputy Director of Privacy Initiatives at BBB National Programs, where he advised independent mechanisms that bring accountability and transparency to business privacy practices through voluntary—but enforceable—frameworks like Privacy Shield and the Cross-Border Privacy Rules. Through this work, Cobun also facilitated the development of new programs to clarify best practices in emerging areas such as youth privacy and artificial intelligence.
Cobun first worked at IAPP as a Westin Research Fellow, focusing his research on the global spread of uniform data privacy norms with the advent of the privacy profession. On this topic, in collaboration with IAPP President and CEO J. Trevor Hughes, Cobun published a chapter in the Cambridge Handbook of Consumer Privacy, “Enter the professionals: organizational privacy in the digital age.”
Cobun is a graduate of the University of Colorado School of Law where he served as Executive Editor of the Colorado Technology Law Journal. While in law school, Cobun sought a broad range of privacy and communications law perspectives, interning at Hogan Lovells, the Federal Trade Commission, the Colorado Technology Association, and AT&T.
Named after a creek in West Virginia, Cobun became fascinated with privacy when he realized his unique name made his online presence easily trackable. He earned his undergraduate degree in psychology at Colorado College. This background in social science further inspired his interest in the design of mechanisms that spread privacy norms.
Contributions by Cobun Zweifel-Keegan
-
Navigating the privacy landscape: A look back at 2024 and what is to come
Web Conference Speaker -
The U.S. Privacy Patchwork: Practical Considerations for GDPR Companies
Speaker at IAPP Europe Data Protection Congress 2024 -
AI’s impact on the language industry
Web Conference Speaker -
US State AI Governance Legislation Tracker
Westin Research Center -
Compliance Kaleidoscope: Adapting to Big Shifts in U.S. Privacy
Moderator at IAPP Privacy. Security. Risk. 2024 -
Fight, Flight, or Comply: What’s Next for Privacy Enforcers?
Moderator at IAPP Privacy. Security. Risk. 2024 -
US State Privacy Crash Course: What Is New and What Is Next?
Speaker at IAPP Privacy. Security. Risk. 2024 -
Implementing Trans-Atlantic Transfers
Westin Research Center -
Fireside Chat on Updates to the Privacy and Security Regulatory Landscape
Speaker at In-Person New York KnowledgeNet: 20 Aug. 2024 -
What to expect when you’re acquiring data: New rules for data brokers
Web Conference Speaker -
American Privacy Rights Act cheat sheet
-
A view from DC: FCC geolocation orders show privacy's lost waypoint
United States Privacy Digest -
FISA Section 702's Reauthorization Era
The Privacy Advisor -
A view from DC: Will Maryland end the era of notice and choice?
United States Privacy Digest -
A view from DC: The gossip test for sensitive data
United States Privacy Digest -
Top takeaways from the draft American Privacy Rights Act
The Privacy Advisor -
US Institutions Privacy Stakeholder Map
-
Direct Insights from U.S. State Privacy Enforcers
Moderator at IAPP Global Privacy Summit 2024 -
A view from DC: The path to IAPP Global Privacy Summit 2024
United States Privacy Digest -
A view from DC: Restoring privacy to the skies
United States Privacy Digest -
A view from DC: US House ready to pass data broker bill
United States Privacy Digest -
A view from DC: Biden's State of the Union calls out children's privacy — yet again
United States Privacy Digest -
A new era of US privacy policy? National security restrictions on personal data transactions
The Privacy Advisor -
A view from DC: Is your privacy notice stuck in the '90s?
United States Privacy Digest -
A view from DC: Kids Online Safety Act could pass — and it applies to you
United States Privacy Digest -
A view from DC: FTC v. Kochava — License to litigate
United States Privacy Digest -
A view from DC: Can the private sector catch up with government privacy assessments?
United States Privacy Digest -
A view from DC: What if we had no word for privacy?
United States Privacy Digest -
A view from DC: Updating the map of location privacy safeguards
United States Privacy Digest -
A view from DC: Cyberspace was colonized; 2024 is AI's turn
United States Privacy Digest -
Biased AI systems face the music: Analyzing the FTC's Rite Aid enforcement
-
A view from DC: Is protecting kids worth the tradeoffs?
United States Privacy Digest -
Implications of the AI executive order for business
Westin Research Center -
CPPA's draft automated decision-making rules unpacked
The Privacy Advisor -
A view from DC: The fight over defining 'AI' is far from over
United States Privacy Digest -
A view from DC: FTC v. Kochava – Never say never again
United States Privacy Digest -
A view from DC: All the president’s ministers — an all-of-government AI response
United States Privacy Digest -
What's Next for AI Accountability: From Policy to Practice
Moderator at AI Governance Global 2023, an IAPP event -
A view from DC: State attorneys general allege addiction through data collection
United States Privacy Digest -
A view from DC: Sectoral rules make US AI governance policy leader
United States Privacy Digest -
Notes from the IAPP Managing Director, Washington DC, 6 Oct. 2023
United States Privacy Digest -
The Future of Biometrics: Everything Everywhere All at Once
Moderator at IAPP Privacy. Security. Risk. 2023 -
The State of U.S. Privacy Law
Speaker at IAPP Privacy. Security. Risk. 2023 -
A view from DC: FTC prepares for commissioner appointments, potential bipartisanship
United States Privacy Digest -
The Kids Are All Rights: The Conflict between Free Speech and Youth Privacy Laws
Westin Research Center -
A view from DC: White House preps a 'bridge' to AI regulation
United States Privacy Digest -
A view from DC: The professor and the politicos
United States Privacy Digest -
A view from DC: US Senate is back in session, tackling AI
United States Privacy Digest -
A view from DC: NIST proposes update to guidance on privacy learning programs
United States Privacy Digest -
A view from DC: Can there be accountability for web scrapers?
United States Privacy Digest -
A view from DC: Dramatic expansion of regulated consumer reports
United States Privacy Digest -
A view from DC: California is going after cars first, everyone else next
United States Privacy Digest -
A view from DC: Adtech is built on a privacy fault line
United States Privacy Digest -
A view from DC: Congress sprints to the starting line before August recess
United States Privacy Digest -
A view from DC: Senators audit tax prep privacy practices
United States Privacy Digest -
A view from DC: Who should do something about voice cloning?
United States Privacy Digest -
A view from DC: Celebrating privacy’s 50th birthday
United States Privacy Digest -
A view from DC: US intelligence agencies are purchasing consumer data
United States Privacy Digest -
A View from DC: Could the Senate act on AI before privacy?
United States Privacy Digest -
A view from DC: The FTC says ‘Let It Go,’ don’t hold that data anymore
United States Privacy Digest -
A view from DC: Sectoral privacy updates spread with strengthened student standards
United States Privacy Digest -
A View from DC: The FTC says, if it can be biometric data, it already is
United States Privacy Digest - Web Conference Speaker
-
A view from DC: A red wave of state privacy laws
United States Privacy Digest -
A view from DC: Die Another Day: FTC v. Kochava
United States Privacy Digest -
A view from DC: We need zero trust for privacy and AI
United States Privacy Digest -
How should mobile apps prepare for California's privacy scrutiny?
Westin Research Center -
A view from DC: Connecting the dots: The Global CBPR Forum grows
United States Privacy Digest -
A View from DC: HHS takes action on reproductive privacy
United States Privacy Digest -
Web Scraping: Understanding Compliance Risks and Hidden Costs
Moderator at IAPP Global Privacy Summit 2023 -
Oh, the Places We Might Go: US Privacy Law and Regulation
Speaker at IAPP Global Privacy Summit 2023 -
A view from DC: Should ChatGPT slow down?
United States Government -
A view from DC: A recap of the TikTok hearing
United States Privacy Digest -
A view from DC: Data deletion and the threat of ‘heinous crimes’
United States Privacy Digest -
A view from DC: Scandalous locations and ‘the privacies of life’
United States Privacy Digest -
A view from DC: In Utah, ‘parent over shoulder’ will be the new normal
United States Privacy Digest -
A view from DC: Can scraping challenges help limit the idea of public data?
United States Privacy Digest -
A view from DC: Crisis and compromise
United States Privacy Digest -
A healthy dose of consent: Takeaways from the FTC’s GoodRx case
The Privacy Advisor -
A view from DC: If you can’t beat social media, ban it?
United States Privacy Digest -
A view from DC: From consumer protection to innovation and data
United States Privacy Digest -
A view from DC: Equal data protection and the NTIA
United States Privacy Digest -
A view from DC: All the President’s tech policy
United States Privacy Digest -
A view from DC: Multilateralism is not dead
United States Privacy Digest -
Takeaways from Epic Games settlement: Teen privacy arrives at the FTC
The Privacy Advisor -
A view from DC: Elon Musk’s privacy lessons
United States Privacy Digest -
Text comparison of principles for commercial transfers: From Privacy Shield to DPF
-
A view from DC: Privacy compromise: As seen on TV
United States Privacy Digest -
A view from DC: 3 out of 5 attorneys general prefer data minimization
United States Privacy Digest -
A view from DC: Lame ducks and safe kids
United States Privacy Digest -
Perspectives on the Latest US Privacy Developments
Moderator at IAPP Europe Data Protection Congress 2022 -
A view from DC: Uncertainty reigns
United States Privacy Digest -
A view from DC: The school of hard notices
United States Privacy Digest -
A View from DC: The undiscovered country
United States Privacy Digest -
Youth Privacy: Lessons from gaming and beyond
Speaker at Virtual Washington D.C. KnowledgeNet: October 27, 2022 -
Maximize your minimization and other takeaways from the FTC’s Drizly case
The Privacy Advisor -
A view from DC: Privacy gets inclusive
United States Privacy Digest -
The Day After Tomorrow: What’s Next for U.S. Consumer Privacy?
Moderator at IAPP Privacy. Security. Risk. 2022 -
Building the next generation of security and privacy professionals
-
The future of youth privacy is here
The Privacy Advisor -
A view from DC: Is purpose-built privacy possible?
United States Privacy Digest -
A view from DC: What color are your patterns?
United States Privacy Digest -
Scope of the draft American Data Privacy and Protection Act
Privacy Bar Section -
A view from DC: The FTC eagerly awaits your comments
United States Privacy Digest -
A view from DC: September brainstorms bring April panels
United States Privacy Digest -
A view from DC: 'Dear Speaker Pelosi'
United States Privacy Digest -
A view from DC: The Kochava Gambit
United States Privacy Digest -
A view from DC: Is everything commercial surveillance?
United States Privacy Digest -
A view from DC: Does privacy care about truth?
United States Privacy Digest -
A view from DC: The US privacy trolley problem
United States Privacy Digest -
A view from DC: Is that a mirage or a real-life bipartisan privacy compromise?
United States Privacy Digest -
A view from DC: Don’t say anonymous unless you really mean it
United States Privacy Digest -
A view from DC: Considering what is defined as genetic data
United States Privacy Digest -
A view from DC: Reflections on federal privacy legislation, the Dobbs ruling, FTC rulemaking and more
United States Privacy Digest -
A view from DC: A look at the updated American Data Protection and Privacy Act
United States Privacy Digest -
Heard around DC — Reflection on the draft federal privacy legislation
United States Privacy Digest -
Understanding the scope of the draft American Data Privacy and Protection Act
The Privacy Advisor -
Heard around DC — Reflections on a potential US data privacy law
United States Privacy Digest -
Heard around DC — The latest on federal privacy legislation, FTC activity
United States Privacy Digest -
Heard around DC — FTC on edtech, federal legislation, biometrics and more
United States Privacy Digest -
A view from DC: Roundup & reflections for May 13, 2022
United States Privacy Digest -
Heard around DC — Roundup and reflections for May 6, 2022
United States Privacy Digest -
Heard around DC — Roundup and reflections for April 29, 2022
United States Privacy Digest -
Heard around DC – Roundup and reflections for April 22, 2022
United States Privacy Digest -
Heard around DC – Roundup and reflections for April 14, 2022
United States Privacy Digest -
Mapping a Path to Career Success in Privacy: Former IAPP Westin Fellow’s Insight
Speaker at IAPP Global Privacy Summit 2022 -
Heard Around DC — Roundup and reflections for April 8, 2022
United States Privacy Digest -
Heard around DC – Roundup and reflections for April 1, 2022
United States Privacy Digest -
Heard around DC — Roundup and reflections for March 25, 2022
United States Privacy Digest -
Hidden privacy lessons in the FTC’s CafePress security enforcement
The Privacy Advisor -
Heard around DC — Roundup and reflections for March 14, 2022
United States Privacy Digest -
A globalized CBPR framework: Peering into the future of data transfers
The Privacy Advisor -
Adapting GDPR/CCPA Data Rights Processes for CPRA, CDPA, ABCD, WXYZ and Beyond
Adapting GDPR/CCPA Data Rights Processes for CPRA, CDPA, ABCD, WXYZ and Beyond -
Deal or No Deal: How Brexit Could Affect Data Adequacy
Web Conference Speaker -
How independent dispute resolution fosters the exercise of data subject rights
Privacy Perspectives