On Aug. 1, 2024, the EU Artificial Intelligence Act (AI Act) entered into force and will gradually take effect over the next 36 months. This marks not only the end of yet another legislative saga within the European Union but
Privacy & Data Security
#StatusUpdate on Social Media, Apps, and Children’s Privacy
Regulations impacting children’s use of social media continues to be a space in motion the past few months. There have been developments at both the state level, as well as with the FTC. And there is no sign of slowing…
FAR ‘Controlled Unclassified Information’ Rule Clears Regulatory Review After 14 Years: What This Means For Federal Contractors
On Oct. 21, 2024, the OMB Office of Information and Regulatory Affairs (OIRA) concluded its regulatory review of the long-awaited Federal Acquisition Regulation Controlled Unclassified Information Rule (FAR CUI Rule), clearing the proposed rule’s path for publication in the Federal…
Massachusetts Supreme Court Narrows Scope of State’s Wiretapping Law
The Supreme Judicial Court of Massachusetts issued its decision in Vita v. New England Baptist Hospital, rejecting a plaintiff’s attempt to pin Wiretap Act liability on two hospitals that used pixel technology on their websites. This is a major win…
UK Brings Forward Bill to Reform UK Privacy Laws
In October 2024, the UK government introduced the Data (Use and Access) Bill (the Data Bill) to Parliament. The Data Bill represents a third attempt by UK ministers to bring about reforms to the UK’s data protection and ePrivacy regimes.…
UK: Data (Use and Access) Bill: newcomer or a familiar face?
Déjà vu in the world of UK data law: the Labour government has proposed reforms to data protection and e-privacy laws through the new Data (Use and Access) Bill (“DUAB”). The DUAB follows the previous government’s unsuccessful attempts to…
CFPB Releases Final Open Banking Rules: Key Takeaways for Fintech Companies
On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited final rule on “Personal Financial Data Rights” (the Final Rule). The Final Rule implements Section 1033 of the Dodd-Frank Act, which provides consumers the right to access…
FTC Issues Final “Click-to-Cancel” Rule
On October 16, the Federal Trade Commission (“FTC”) announced a final “click-to-cancel” rule that amends the previous Negative Option Rule to “make it as easy for consumers to cancel their enrollment as it was to sign up.” The Rule also…
NYDFS Warns Against the Threat of Accidentally Hiring North Korean Remote IT Workers
Keypoint: The New York State Department of Financial Services (NYDFS) issued an industry letter outlining the threats posed to U.S. companies who hire remote technology workers linked to North Korea and may embezzle funds from their new employers.
On November…
DOJ Issues Notice of Proposed Rulemaking to Restrict Flow of Bulk Sensitive Personal Data to China and other Countries of Concern
On October 29, 2024, the Department of Justice (“DOJ”) published its Notice of Proposed Rulemaking (“NPRM”) to implement President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.”…