Inside Privacy
Website:
https://www.insideprivacy.com/
Latest from Inside Privacy - Page 3
Singapore Issues Governance and Security Guidance for Agentic AI
As agentic AI systems move from research labs to enterprise workflows, regulators worldwide are grappling with how to address the potential risks these systems may pose (as discussed in prior blog posts here and here). In January 2026, Singapore’s Infocomm Media Development Authority (“IMDA”) launched a non-binding Model AI Governance Framework for Agentic AI…
Spain’s Supervisory Authority Issues New Guidance on AI‑Based Voice Transcription
On April 20, 2026, the Spanish Data Protection Agency (AEPD) has published new guidance on how to comply with the GDPR when using AI‑powered voice transcription tools. The guidance builds on earlier AEPD guidance on this topic from January 2026. This blog post sets out the key takeaways of both guidance documents, which are…
New EDPB Guidelines on the Use of Personal Data in Scientific Research
On April 15, 2026, the European Data Protection Board (EDPB) published draft Guidelines 1/2026 on the processing of personal data for scientific research purposes (Guidelines). The Guidelines are open for public consultation until 25 June 2026. They aim to clarify how the GDPR applies to academic, public‑sector, and commercial research, including research that relies on…
FTC Alleges OkCupid Data Sharing Amounted to a Deceptive Practice
The Federal Trade Commission (FTC) announced a settlement with dating app operator OkCupid and its affiliate Match Group Americas (Match), resolving allegations that the company had violated Section 5 of the FTC Act by sharing users’ personal information with a third party in a manner that was not disclosed in the company’s privacy notice. Specifically,…
FTC Seeks Comment by May 18 on Food Delivery Pricing and Fees
On April 14, 2026, the Federal Trade Commission (“FTC” or “Commission”) announced an Advanced Notice of Proposed Rulemaking (“ANPRM”) seeking public comment on whether a new rule is needed to address fee practices by online food and grocery delivery platforms that may obscure total pricing or impede consumers’ ability to compare prices across services. Comments…
Alabama Enacts Comprehensive Privacy Law
On April 17, 2026, the Governor of Alabama signed HB 351, Alabama Personal Data Protection Act (ALDPA), into law. The law resembles Connecticut’s data privacy statute, but omits certain requirements, such as a data protection impact assessment. Alabama follows Oklahoma as the second state to enact a comprehensive privacy law this year. The law…
Seventh Circuit Holds that BIPA Amendment Applies Retroactively
On April 1, 2026, the Seventh Circuit in Clay v. Union Pacific Railroad Company held that an amendment to the Illinois Biometric Information Privacy Act (BIPA), limiting damages to a per-person basis, applies retroactively to cases pending when the amendment was enacted in 2024. This decision limits the potential statutory damages plaintiffs may obtain for…
Utah and South Dakota Enact Genetic Privacy Laws as Other States Advance Bills
At the state level, genetic privacy remains a fast-moving topic, and states continue to introduce and advance bills regulating genetic data.…
Oklahoma Enacts Comprehensive Privacy Law
The Governor of Oklahoma signed SB 546 into law (OKDPA), which closely tracks the Virginia Consumer Data Protection Act (“VCDPA”). The law will take effect January 1, 2027.
- Scope and Applicability. OKDPA applies to controllers and processors that conduct business in Oklahoma or target Oklahoma residents and annually either (a) process or control the personal
…