On April 12, 2024, the UK Information Commissioner’s Office launched the third installment in its consultation series examining how data protection law applies to the development and use of generative AI.
Privacy & Information Security Law Blog
Global Privacy and Cybersecurity Law Updates and Analysis
Latest from Privacy & Information Security Law Blog
Connecticut Attorney General Issues Report on Privacy Law Enforcement Priorities
The Connecticut Attorney General’s Office (“OAG”) has released a Report on the status of Connecticut’s Data Privacy Act, which covers complaints, inquiries, and early enforcement activities under the CTDPA.…
White House Executive Order on AI Rulemaking Efforts Advances as NTIA and White House OMB Issue Reports and Guidance
On March 27, 2024, the National Telecommunications and Information Administration (“NTIA”) issued its AI Accountability Report, and, on March 28, 2024, the White House announced the Office of Budget and Management’s (“OMB’s”) government-wide policy on AI risk management.…
Kentucky Set to Enact Comprehensive State Privacy Law
On March 27, 2024, the Kentucky legislature passed a comprehensive data privacy bill, which was delivered to the Governor for signature. If H.B. 15 is enacted, Kentucky will join the growing list of states with comprehensive data privacy laws.…
UK ICO Publishes Priorities for Protecting Children’s Privacy Online
On April 3, 2024, the UK Information Commissioner’s Office published its 2024-2025 priorities for protecting children’s personal data online.…
Florida Enacts Legislation Restricting Social Media Accounts for Minors
On March 25, 2024, Florida Governor Ron DeSantis signed into law a bill prohibiting minors under the age of 14 from having accounts on social media platforms.…
U.S. and UK Sign AI Safety Memorandum of Understanding
On April 1, 2024, the U.S. and UK signed a Memorandum of Understanding that details how the U.S. and UK will work together to develop tests for advanced AI models.…
FTC Denies Parental Consent Application Pending NIST Report
On March 29, 2024, the Federal Trade Commission announced its decision to deny, without prejudice, an application for approval of a “Privacy-Protective Facial Age Estimation” mechanism for obtaining parental consent under COPPA.…
U.S. Cybersecurity and Infrastructure Agency Releases Proposed Rules on Breach Reporting Requirements
On March 27, 2024, the U.S. Cybersecurity and Infrastructure Agency released an unpublished Notice of Proposed Rulemaking (“NPRM”) pursuant that would require covered entities to report (1) qualifying cyber incidents, (2) ransom payments made in response to a ransomware attack,…
CNIL Publishes Latest Edition of Its Practice Guide for the Security of Personal Data
On March 26, 2024, the CNIL published the 2024 edition of its Practice Guide for the Security of Personal Data, which is intended to support organizations in their efforts to implement adequate security measures in compliance with their security obligations…