As the 2024 elections approach and the window for Congress to consider bipartisan comprehensive artificial intelligence (AI) legislation shrinks, California officials are attempting to guard against a generative AI free-for-all—at least with respect to state government use of the rapidly advancing technology—by becoming the largest state to issue rules for state procurement of AI technologies.
What the Diversity in Faces Litigation Means for Biometric Technologies
In 2020, Illinois residents whose photos were included in the Diversity in Faces dataset brought a series of lawsuits against multiple technology companies, including IBM, Facefirst, Microsoft, Amazon, and Google alleging violations of Illinois’ Biometric Information Privacy Act.[1] In the years since, the cases against IBM and FaceFirst were dismissed at the agreement of
Congress Passes Bill Prohibiting Sharing or Selling Americans’ Sensitive Data to Entities Controlled by Foreign Adversaries
On April 24, 2024, President Biden signed into law H.R. 815, which includes the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (“the Act”), a bill that passed the House 414-0 as H.R. 7520 on March 20. The Act is one of several recent actions by the U.S. government to regulate transfers of
FTC Issues Final Rule to Expand Scope of the Health Breach Notification Rule
On Friday, April 26, 2024, the Federal Trade Commission (“FTC”) voted 3-2 to issue a final rule (the “final rule”) that expands the scope of the Health Breach Notification Rule (“HBNR”) to apply to health apps and similar technologies and broadens what constitutes a breach of security, among other updates. We previously covered the proposed
Changes to the UK investigatory powers regime receive royal assent
On April 25, 2024, the UK’s Investigatory Powers (Amendment) Act 2024 (“IP(A)A”) received royal assent and became law. This law makes the first substantive amendments to the existing Investigatory Powers Act 2016 (“IPA”) since it came into effect, and follows an independent review of the effectiveness of the IPA published in June 2023.
The Maryland Online Data Privacy Act Set to Reshape the State Privacy Legislation Landscape with Stringent Requirements
Last month, the Maryland legislature passed the Maryland Online Data Privacy Act (“MODPA”). Pending Governor’s signature, Maryland will become the latest state to enact comprehensive privacy legislation, joining California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Oregon, Texas, Florida, Delaware, New
MHRA Outlines New Strategic Approach to Artificial Intelligence
On April 30, 2024, the UK Medicines and Healthcare products Regulatory Agency (“MHRA”) outlined its strategic approach (“Approach”) to artificial intelligence (“AI”). The Approach is a response to the UK Government’s white paper: a pro-innovation approach to AI regulation and subsequent Secretary of State letter of 1 February 2024, and is the culmination of 12
A Closer Look: Recent C.D. Cal. Decision Strengthens Defendants’ Arguments for CAFA Removal
Plaintiffs appear to be increasingly focused on keeping certain types of class actions, including cases brought under the California Invasion of Privacy Act (CIPA), in California state court, likely seeking to take advantage of less rigorous pleading and class certification requirements. Some plaintiffs are even bringing individual claims and affirmatively alleging that less than $75,000
March 2024 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order
This is part of a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”). The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement