Privacy News

The EU Artificial Intelligence Act (AI Act) will be the first comprehensive legislation to regulate AI broadly in Europe and beyond. Read more

Canada’s Artificial Intelligence Data Act (AIDA) was introduced as part of Bill C-27 in June 2022 but will not likely be in force until 2025. While there are obvious challenges in establishing regulations for rapidly and perpetually evolving technology, privacy authorities in Canada saw a need to provide some immediate direction about generative AI in particular. Read more

By Jonathan Tam A patchwork of online privacy laws accord special protections to children and teenagers in California, and the regulatory landscape is quickly evolving. At the federal level, the Children's Online Privacy Protection Act ("COPPA") and related regulations govern the online collection, use, disclosure and other processing of personal information from children under 13. COPPA only applies to operators of online services that are directed to children and operators that have actual knowledge that they process personal information from… Read more

By Kate Aishton The FTC’s proposed updates for the Children’s Online Privacy Protection Act hit the Federal Register on January 11, starting the clock on its 60-day comment period. The Notice of Proposed Rulemaking for COPPA does not impact the underlying law but provides updated implementation and enforcement guidance while COPPA 2.0 and the Kids Online Safety Act, two legislative efforts for updating the now 25 year old law, remain blocked in Congress. Several changes promise big impacts for companies… Read more

The  civil action taken by the Security Exchange Commission (SEC) against SolarWinds and its Chief Information Security Officer (CISO) underscores the evolving landscape of liability concerns for CISOs. In the October 2023 suit filed in New York federal court, the SEC charged SolarWinds with failing to disclose the company’s cybersecurity weakness during a massive hack in its supply chain to investors. Read more

In 2018, Interactive Advertising Bureau Europe (IAB Europe) released the Transparency and Consent Framework (TCF) to provide guidance to parties in the digital advertising chain regarding compliance with GDPR and the ePrivacy Directive when obtaining and managing user consent for online advertising purposes.  Read more

As 2024 begins, we look back on the year 2023’s legislative session and the four privacy legislation that wound their way through the Assembly and Senate. On July 14, 2023, the California Privacy Protection Agency (CPPA) unanimously voted to show their support for all four legislation because each “supports the CPPA’s mission of protecting the privacy rights of Californians.” Below is a brief summary of each legislation and their status. Read more

On October 1, 2023, 23andMe, the personal genomics and biotechnology company, initially learned of a cyber threat after confirming user information was for sale on the dark web. 23andMe subsequently investigated the hacker’s claims that 4 million genetic profiles of UK customers were leaked. Read more

On November 16, 2023, the California State Bar released the Practical Guidance For the Use of Generative Artificial Intelligence in the Practice of Law, which the Bar states should be considered “as guiding principles rather than as ‘best practices.” The guidance comes at a time of accelerated development and use of generative artificial intelligence (GenAI). The legal profession particularly has been the subject of articles for years that speculate the replacement of attorneys with AI, such as six years ago and this year. However, attorneys are adapting and using GenAI in their legal practice. Read more

On November 27, 2023, the California Privacy Protection Agency (CPPA) released the draft automated decisionmaking technology regulations (ADTR) aiming to regulate consumer facing corporate use of artificial intelligence (AI). Along with the ADTR, CPPA also released an overview of the proposed framework for automated decisionmaking technology and key topics for their board meeting which was to be held on December 10, 2023. Read more