On May 19, 2025, President Trump signed the bipartisan TAKE IT DOWN Act into law. The Act criminalizes the publication of nonconsensual intimate visual depictions of individuals, including AI-generated deepfakes. Threats to...more
On January 16, 2025, the Federal Trade Commission (FTC) issued a Final Rule updating the Children’s Online Privacy Protection (COPPA) Rule, significantly expanding compliance obligations for online services that collect, use,...more
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
2/24/2025
/ Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Due Diligence ,
Executive Orders ,
Final Rules ,
Food and Drug Administration (FDA) ,
Foreign Entities ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
National Security ,
NIST ,
Personal Data ,
Sensitive Personal Information
The Department of Justice’s (DOJ) final rule implements President Biden’s Executive Order 14117 of February 28, 2024, on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
2/20/2025
/ Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Executive Orders ,
Final Rules ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
National Security ,
Regulatory Requirements ,
Sensitive Personal Information
The California Privacy Protection Agency (CPPA) announced the formal public comment period for its latest proposed rulemaking package, which includes updates to existing regulations and introduces new guidelines for automated...more
1/13/2025
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
California ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Insurance Industry ,
Personal Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Rulemaking Process
During the course of any lending transaction, lenders will conduct a due diligence review of the borrower, including reviewing any relevant “know-your-customer” information. In the context of a fund finance transaction, this...more
10/10/2024
/ Borrowers ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Due Diligence ,
EU ,
Financial Institutions ,
Firewalls ,
General Data Protection Regulation (GDPR) ,
Investors ,
Lenders ,
Multi-Factor Authentication ,
SaaS
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
6/3/2024
/ Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-In ,
Popular ,
Right of Access ,
Sensitive Personal Information ,
State Data Privacy Laws
In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
5/14/2024
/ Consumer Privacy Rights ,
Covered Entities ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
EU ,
Exemptions ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Privacy Laws
Welcome to the March edition of Akin Intelligence. This month, the EU AI Act was approved by the European Parliament, moving one step closer to becoming the first major AI law. In the U.S., the DOJ brought criminal charges...more
4/10/2024
/ Artificial Intelligence ,
Biden Administration ,
Commercial Litigation ,
Copyright ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
EU ,
Executive Orders ,
Healthcare ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Life Sciences ,
Machine Learning ,
National Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
State and Local Government ,
Technology Sector ,
UK
On February 9, 2024, California’s Third District Court of Appeals ruled that the California Privacy Protection Agency (CPPA) may begin enforcing its finalized data privacy regulations immediately, overturning the lower...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
12/4/2023
/ Artificial Intelligence ,
Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Executive Orders ,
Legislative Agendas ,
Machine Learning ,
National Security ,
New Legislation ,
NIST ,
Personal Information ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
On July 31, 2023, the California Privacy Protection Agency (CPPA) announced an enforcement review of the data privacy practices of connected vehicle (CV) manufacturers and technologies. This marks the first time the state’s...more
On May 11, 2023, Tennessee joined the rapidly growing ranks of U.S. states to enact a comprehensive data privacy law as Gov. Bill Lee (R-TN) signed the Tennessee Information Protection Act (TIPA) into law. Taking effect July...more
In a policy statement released on May 18, 2023, the Federal Trade Commission (FTC) warned of several consumer data privacy risks related to the increasing commercial use of biometrics technologies. The Commission unanimously...more
On June 18, 2023, Texas enacted the Texas Data Privacy and Security Act (TDPSA), joining the rapidly growing list of U.S. states with comprehensive data privacy laws.1 The statute will take effect on July 1, 2024, except for...more
As state-level data protection legislation steadily expands, one of the country’s early comprehensive privacy laws to be enacted, the Connecticut Data Privacy Act (CTDPA), will take effect on July 1, 2023. The CTDPA imposes...more
On May 4, 2023, an Idaho federal judge ruled that the Federal Trade Commission (FTC) needs stronger assertions of consumer harm in order for its data privacy suit against data broker/mobile analytics provider Kochava Inc....more
The Illinois Supreme Court issued a pair of decisions related to the Illinois Biometric Information Privacy Act (BIPA) that continue to ratchet up compliance pressure on businesses. On February 17, 2023, the Illinois Supreme...more
On March 29, 2023, Iowa Gov. Kim Reynolds signed into law Senate File 262, the Iowa Act Relating to Consumer Data Protection (ICDPA). Taking effect nearly two years from now on January 1, 2025, the ICDPA makes Iowa the sixth...more
The U.S. Department of Health and Human Services (HHS) continues to play a central role in helping health care organizations defend against cybersecurity threats, issuing cybersecurity briefs and a new cybersecurity framework...more
On March 15, 2023, the Colorado Attorney General (AG) finalized its set of regulations implementing the Colorado Privacy Act (CPA) – the Colorado Privacy Act Rules (“Colorado Rules”). The Colorado Rules clarify and expand...more
On April 19, 2023, the New York Attorney General (AG) published “Protecting Consumer’s Personal Information: Tips for Businesses to Keep Data Safe and Secure,” outlining data security best practices based on the AG’s...more
On March 30, 2023, the California Privacy Protection Agency (CPPA) announced that the California Office of Administrative Law (OAL) has approved the CPPA’s regulations and filed them with the Secretary of State, completing...more