NIST has put its privacy framework (PDF) up for comment again.

Current controversy circles around whether the framework appropriately handles the relationship between privacy and security. Should the framework, for example, even be separate from the cybersecurity framework, or a sub/superset?

Also worth considering is how it will fare with an expansion of the IoT market and the adoption of artificial intelligence.