2023 has seen a flurry of general state privacy laws, with twelve (12) such laws now on the books. The next one to “go live,” on December 31, 2023, is the Utah Consumer Privacy Act (UCPA). With no general federal privacy law in sight, the state privacy landscape continues to get more crowded and challenging
Working with Artificial Intelligence: Privacy Pitfalls (and Opportunities)
As consumer demand for new artificial intelligence (“AI”) tools continues to grow, businesses must be prepared to build tools with “privacy by design” principles in mind, and to remain educated about privacy best practices and risk mitigation strategies when working with AI. The following areas provide the greatest opportunities to manage data privacy risks and…
Executives Personally Sued for Data Privacy Incidents
If you manage a company that collects and otherwise processes personal data (which is just about every company, these days), you may need to protect your own pocketbook. As governments across the globe continue to enact and enforce data privacy, data protection, and cybersecurity laws, data becomes more readily available, and the volume of incidents…
The Current State of General State Privacy Laws
It’s a great time to be a privacy attorney. On October 17, 2022, the California Privacy Protection Agency (CPPA) released the next draft of the regulations under the California Privacy Rights Act of 2020 (CPRA) as well as a document explaining the proposed modifications. Two days of public hearings were recently held on October 21-22…
Is your organization ready for global privacy regulations?
The Internet Society’s Online Trust Alliance (OTA) released a report this week that measured 1200 U.S.-based organizations’ readiness for three major global privacy regulations: the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in the United States that goes into effect January 1, 2020, and the Personal Information…
Email tracking services – are they really worth it?
As illustrated in this recent article in Wired, email tracking services and their counterparts, anti-tracking services, have been rapidly gaining ground on the web; to the point that 40% of all email being sent, and 99% of the majority of the emails you receive (newsletters, marketing materials, notifications and transactional emails) are now being…
The more people interact with AI, the more they like it – but that doesn’t diminish their privacy fears
According to a recent Genpact study:
- Nearly two-thirds of consumers (63%) are worried that Artificial Intelligence is going to make decisions that will impact their lives without their knowledge
- Less than one-third (30%) are at least “fairly comfortable” with the idea of companies using AI to access their personal data
- Almost three-quarters (71%) say
…
PIAs & DETERMINATION OF RISK UNDER GDPR – THE LATEST:
The Article 29 Working Party updated the Guidelines on PIAs and evaluation of risk guidance on October 4, 2017:
CNIL created a PIA Infography to outline the main principles. Keep…
Your Car and GDPR
CNIL, the French DPA, published a new Compliance Pack called “Connected Vehicles: A Compliance Pack for Responsible Data Use” on October 17, 2017. CNIL broke its guidance into three scenarios:
- Personal data remains in the car
- Personal data is transmitted externally to provide a service to the individual
- Personal data is transmitted outside
…
GDPR Data Breach & Profiling Guidelines and last chance to comment!
The Article 29 Working Party published two Guidelines related to GDPR:
Guidelines on Personal data breach notification under Regulation 2016/679, wp250
The Guidelines are open for comments until November, 28, 2017. Comments should be sent to JUST-ARTICLE29WP-SEC@ec.europa.eu and presidenceg29@cnil.fr.