The use of artificial intelligence by a company can be a gamechanger. But it also could impact employees and customers in ways that one doesn’t imagine. And it could be irreversible....more
The White House wants to promote “Responsible AI Innovation that Protects Americans’ Rights and Safety.”
•Here are some key points from the announcement:
•Ex Ante Check: When it comes to AI, we must place people and...more
Washington Governor Jay Inslee has signed the My Health, My Data Act into law.
Here are some key takeaways.
Approach to privacy: The people of Washington regard their privacy as a fundamental right and an essential...more
Are you hiring or promoting employees with the assistance of some sort of automated tool? Do you do business in New York City? Starting July 5, 2023, here is what you need to do:
1. Determine whether you hire or promote...more
A new bill to regulate AI is working its way through committees in the California legislature.
Here are a few points of the proposed law (AB331), which would impact business with 25 or more employees, unless the tool...more
The GDPR journey has not been wonderful.
NOYB has 800 cases out and the enforcement process is difficult because procedural law is different in different countries....more
The UK’s Information Commissioner’s Office has issued guidance on the scope of age appropriate design code, and they want public comment. This is very important for companies subject to the already passed California Age...more
The Federal Trade Commission Act’s prohibition on deceptive or unfair conduct can apply if you make, sell or use a tool that is effectively designed to deceive – even if that’s not its intended or sole purpose....more
Why is the new noyb action against websites and data brokers regarding cookie-based authentication important for compliance with the new U.S. privacy laws?...more
The European Data Protection Board (EDPB) has issued a long-awaited opinion on the EU-US Data Privacy Framework.
Here are some key takeaways:
The scope of the exemptions to the adherence to the principles, including on the...more
“The times they are a-changin’,” Bob Dylan sang almost 60 years ago. And when it comes to consumers’ reasonable expectations of privacy, they are still a-changin.
I recently participated in a panel hosted by Usercentrics...more
A new bill filed in Washington, D.C. aims to regulate algorithmic decision making tools.
The bill, which comes on the heels of another one filed in New jersey and a law already in effective in New York City, could have far...more
Here is a look at some of the data privacy issues President Joe Biden outlined in his 2023 State of the Union.
Protect Kids Online-
•Platforms and other interactive digital service providers should be required to...more
The California Privacy Protection Agency (CPPA) has issued a Final Statement of Reasons for amended California Consumer Privacy (CCPA) regulations.
Key Points:
The amendments were “necessary” (used 135 times), just...more
What do you need to know about the latest revisions to the Colorado CPA Rules?
Some key points:
Universal Opt-Out Mechanism (UOOM)-
•The Universal Opt-Out Mechanism does not need to be tailored only to Colorado or refer...more
Data Privacy Day is this weekend. Here are some tips and pointers individuals and businesses should keep in mind going forward.
1. Transparency is front and center for regulators in the United States and Europe, so if...more
The Virginia legislature is considering looking at amending the state’s Consumer Data Protection Act to expand protections related to children’s data. Some key points in the bill:
•Child defined as under 18, not 13-...more
A new Washington State bill works to close the gap between consumer knowledge and industry practice by providing stronger privacy protections for all Washington consumers’ health data....more
It’s six days into the new year and we already have four new comprehensive privacy bills from: New York, Kentucky, Tennessee and Oklahoma.
There are a lot of moving pieces here and you can go cross-eyed trying to comply with...more
Colorado Attorney General Phil Weiser has published revisions to the Colorado Privacy Act rules, as well as some additional questions for public feedback.
His questions include:
What are the pros and cons of using IP...more
If your website, app or game targets kids (or sort of targets kids) and you haven’t been taking your obligations under the Children’s Online Privacy Protection Act of 1998 seriously, then maybe this will be the wake-up call...more
The United States is adequate, at least according to a draft opinion on the EU-U.S. Data Privacy Framework. Here is a look at what the opinion says, and what U.S. companies involved in EU-U.S. transfers should be doing now....more
The European Data Protection Supervisor (EDPS) has submitted comments to FTC Rulemaking on commercial surveillance.
Here are some key takeaways.
IOT devices:
•It is important that data from the Internet of Things are...more
You need a data retention plan. No really.
And not just in the European Union. In California too.
Commission Nationale de l’Informatique et des Libertés (CNIL) has fined messaging platform Discord 800,000 EUR for (non...more
For deidentification under the traditional laws like HIPAA, removal of identifiers qualifies.
That was a key facet of what I discussed last week on an anonymization panel during the IAPP Europe Data Protection Congress...more