November was a whirlwind of regulatory updates – from EU AI Act revisions to ICO's stance on third-party cookies. Dive into the dynamic debates on AI exemptions, deep learning’s impact on AI, and the nuanced biometric surveillance discussions. Explore controversies around AI's use of copyrighted material and the ICO's stern warning to companies. Join the discourse on the ICO’s Clearview appeal and Italy's data protection authority's investigation into AI training. Stay ahead in the evolving data privacy landscape with our comprehensive coverage.
| |
On November 8, 2023, the CPPA published an updated draft of its cybersecurity audit regulations, intended, in part, to facilitate board discussion and public participation during the upcoming CPPA board meeting. The meeting is scheduled for December 8, 2023, at 9:00am PST, and is open to the public.
The new draft regulations focus on three main areas for cybersecurity auditing:
> Who the regulations will apply to.
> The threats that cybersecurity audits should identify.
> The scope of non-employee personnel’s involvement in audits.
| |
As the rest of the world continues to move forward with national data privacy legislation, the United States continues its well-established habit of proposing piecemeal data privacy laws that go nowhere. It is privacy virtue signaling at its best.
Read the blog to dive into the following selected legislation:
> "Stop Spying Bosses Act" & "No Robot Bosses Act"
> "Delete Act"
> "Data Privacy Act" and more....
| |
LEGISLATIVE & REGULATORY UPDATE | | |
|
USA: Bill on AI research, innovation, and accountability introduced to Senate
OneTrust DataGuidance
On November 15, 2023, U.S. Senators Amy Klobuchar, John Thune, Roger Wicker, John Hickenlooper, Shelley Moore Capito, and Ben Ray Luján introduced a bill for the Artificial Intelligence Research, Innovation, and Accountability Act of 2023. A link to the full text of the executive order can be found here.
| | |
|
US State Privacy Legislation Tracker
IAPP
In 2023, eight new states passed comprehensive data privacy legislation, joining California, Colorado, Connecticut, Virginia, and Utah, which already have data privacy laws in effect. The new states to pass such legislation include Delaware, Indiana, Iowa, Florida, Montana, Oregon, Tennessee and Texas.
| | |
Spotify fined $5M+ for GDPR violations
cybernews
The Swedish Privacy Authority (IMY) has fined the streaming platform 58 million Swedish kronor ($5.4 million) after investigating how Spotify handles customers' right to access their personal data.
| |
| |
Meta faces $600M competition damages claim in Spain as media owners pursue privacy breach lawsuit
TechCrunch+
Meta is facing a major legal challenge and damages claim in Spain that argues the adtech giant’s years of failing to have a valid legal basis for processing people’s data for ads under European Union data protection rules also constitutes a competition breach for which they should be compensated financially.
| |
| |
HBS Legal Trends: Legal Implications of Using AI in Your Business
Our most recent HBS Legal Trends podcast features Charlotte Partner Richard Sheinis and Tampa Of Counsel Jade Davis. Together, they discuss the legal implications of using artificial intelligence (AI) in your organization, including how AI can be used, the implementation of AI, developing internal AI policies and procedures, best practices, and much more.
You can listen to the full podcast below and learn more about the interview on the Business RadioX® website.
|
| |
Richard Sheinis
Rich is a Certified Information Privacy Professional (CIPP-US) and a Certified Information Privacy Technologist (CIPT) through the International Association of Privacy Professionals (IAPP). He works with companies to investigate and respond to HIPAA and other data breaches, advises on regulatory compliance including HIPAA, COPPA, PCI DSS, cross-border data transfer, the EU-US Privacy Shield, and other global privacy regulations.
| | |
Jade Davis
Jade provides strategic privacy and cyber-preparedness compliance advice, and defends, counsels, and represents companies on privacy, global data security compliance, data breaches, and investigations. She advises companies on best practices in privacy, cybersecurity, data, mobile, cloud storage, Ad Tech privacy, Internet of Things, and other areas of regulatory compliance.
| | |
If your company has experienced a data breach, contact us any time at Hall Booth Smith’s 24 hour data breach outreach email for assistance. | | | | |