New Hampshire’s governor has signed into law the second state comprehensive privacy law of 2024. The law takes effect on January 1, 2025 – the same day as Iowa and Delaware (with New Jersey going into effect two weeks later).
Eye On Privacy
Timely Updates and Analysis on Privacy and Cybersecurity Issues
Latest from Eye On Privacy
ICO Has Concerns Over Facial Recognition Use
Earlier this month the UK privacy office put a stop to several related entities’ use of facial recognition technologies and fingerprint monitors for their employees. The UK Information Commissioner’s Office found that the companies were using the tools to monitor…
Out in the Open: HHS’s New AI Transparency Rule
The Department of Health & Human Services through the Office of the National Coordinator for Health Information Technology recently updated the process for certification of health information technology. Some of the modifications are intended to address use of artificial intelligence…
FTC Seeks Comments on AI Impersonation Rules
Earlier this month, accompanying an update to a rule prohibiting the impersonation of businesses and governments, the FTC sought comments on extending the rule to prohibit impersonation of individuals. The agency indicated that it is considering expanding the rule as…
Sheppard Mullin Creates Privacy Law Resource Center
Sheppard Mullin is pleased to announce the creation of its new Privacy Law Resource Center to help companies navigate the increasing complexity of privacy and data security laws. We know that companies are struggling to keep track of and address…
The Landscape of GIPA Litigation in Illinois
Class action litigation has exploded in cases involving violations of Illinois’ Biometric Information Privacy Act (“BIPA”). Less known and litigated is Illinois’s Genetic Information Privacy Act (“GIPA”) – enacted in 1998. But recent trends may portend an increase in GIPA filings…
NIST Expands Cybersecurity Framework with Release of Version 2.0
In its first major overhaul since 2014, the National Institute of Standards and Technology (NIST) updated its Cybersecurity Framework (CSF) on February 26, 2024. The updated 27-page CSF version 2.0 builds on version 1.1 and provides guidance to industry, government…
DPA 101: Do You Know Where Your Data Is?
As more and more states enact laws that mirror aspects of GDPR, and as companies begin to get used to the EU’s new standard contractual clauses, now may be a good opportunity for a refresh on data sharing agreements. As…
AI-Generated Voice Calls: New Tech, Old Rules
The FCC reminded companies this month that calls containing “artificial or prerecorded voices” are regulated by TCPA. And, that the FCC considers AI-generated voices to be just the kind of “artificial” that fall within the TCPA’s regulations. This announcement was…
EDPB Provides Guidance on Determining Primary Supervisory Authority
This month the EDPB shed light on the question of lead supervisory authorities. The issue arose in response to a question late last month from the French supervisory authority. Some background. As most international organizations are aware, GDPR provides for…