E12: GDPR Article 22 and Automated Decision Making
Minnesota was the nineteenth state to pass a comprehensive data privacy law, the Minnesota Consumer Privacy Act (H.F. 4757) (MCPA), which becomes effective on July 31, 2025. While we continue to see more of these laws...more
What is profiling and what are our clients doing about it in the US and abroad? Personal information: •This is the analysis of information about/regarding a person. •The definition is broad, so if it’s attributable to a...more
On November 27, 2023, the California Privacy Protection Agency (CPPA) unveiled draft automated decisionmaking technology (ADMT) regulations that would set forth new consumer protections related to the profiling of consumers...more
On November 27, 2023, the California Privacy Protection Agency (CPPA) released draft regulations for automated decision-making technology (ADMT). While the CPPA has not officially begun the formal rulemaking process, the...more
The rapid spread of Artificial Intelligence (AI) systems in recent years has overlapped with the enactment of comprehensive privacy laws by multiple U.S. states. Aside from being generally applicable to AI systems in the...more
As part of the health budget bill signed by Governor Hochul in early May, New York has amended its General Business Law, introducing a prohibition on geofencing of health care facilities that goes into effect on July 2, 2023...more
On December 21, 2022, the Colorado Attorney General (“AG”) issued its latest set of draft regulations for the Colorado Privacy Act, which takes effect on July 1, 2023. The draft regulations revise an earlier set published on...more
On September 15, 2022, California Governor Newsom announced his signing of A.B. 2273, the California Age-Appropriate Design Code Act, which the legislature passed on August 30. The law – modeled after the United Kingdom...more
On August 30, 2022, the California Legislature passed A.B. 2273, the California Age-Appropriate Design Code Act. The bill – which is modeled after the United Kingdom Information Commissioner’s Office code of practice for age...more
Data Protection Commission Ireland has issued a report on the responses it received to its public consultation on its guidance on children’s rights. Of particular note is the careful consideration the commission gave the...more
Colorado passes its own omnibus state privacy law. Although there are overlaps with the California and Virginia privacy laws, the Colorado Privacy Act has its own distinctions and variations, namely a longer cure period and...more
After undergoing several rounds of revisions to the 2019 draft specifications, the new Information Security Technology-Personal Information Security Specifications (GB/T35273-2020) (New Personal Information Specifications)...more
With stay at home orders causing an upsurge in social media usage, the ability to navigate the variety of online platforms and identify, detect, and assess risk has never been more important for professional investigators....more
A new California privacy ballot initiative has been introduced by real estate developer and privacy rights advocate, Alastair Mactaggart. This new ballot initiative, titled The California Privacy Rights and Enforcement Act of...more
In late May the U.S. Department of Education (the “Department”) announced several changes to its College Scorecard, a tool that is intended to help students and their families make informed decisions about post-secondary...more
We previously cautioned that telephone companies sell customer data to third parties, including location data. Last year, the telecom industry pledged to stop the practice after pressure by members of Congress....more
Spoiler Alert: Behavioral advertising companies will find some bad news in the guidance. The Article 29 Working Party (WP29) advisory group, which will soon become the more transparently-named (and very powerful) European...more
On May 25, 2018, the EU General Data Protection Regulation (GDPR) will come into effect requiring companies that process personally identifiable information of EU residents to comply with a significant number of enhanced...more