The California Privacy Protection Agency (CPPA) staff has posted updated draft rules implementing the California Privacy Rights Act (CPRA). The CPPA Board will discuss the updated draft rules during two virtual public meetings on Friday, October 21 and Saturday, October 22. Agency staff and counsel will also be present at these meetings, which could follow
Latest from Inside Privacy - Page 2
Artificial Intelligence & NYC Employers: New York City Seeks Public Comment on Proposed Rules That Would Regulate the Use of AI Tools in the Employment Context
Many employers and employment agencies have turned to artificial intelligence (“AI”) tools to assist them in making better and faster employment decisions, including in the hiring and promotion processes. The use of AI for these purposes has been scrutinized and will now be regulated in New York City. The New York City Department of Consumer
President Biden Signs Executive Order to Implement EU-U.S. Data Privacy Framework
On October 7, 2022, President Biden signed an Executive Order directing the steps that the United States will take to implement its commitments under the new EU-U.S. Data Privacy Framework. The framework was announced by the U.S. and the EU Commission in March 2022, after reaching a political agreement in principle (see our blog post
Colorado Attorney General Releases Draft CPA Rules
On October 10, 2022 the draft rules implementing the Colorado Privacy Act (“CPA”) were officially published in the Colorado Register. Written comments on the draft rules are due by November 7, 2022. The CPA draft rules share some similarities with the draft rules set forth by the California Privacy Protection Agency (“CPPA”) interpreting the California
European Commission Publishes Directive on the Liability of Artificial Intelligence Systems
On September 28, 2022, the European Commission published its long-promised proposal for an AI Liability Directive. The draft Directive is intended to complement the EU AI Act, which the EU’s institutions are still negotiating. In parallel, the European Commission also published its proposal to update the EU’s 1985 Product Liability Directive. If adopted, the proposals
EU Adopts Digital Services Act
On October 4, 2022, the EU adopted the Digital Services Act (“DSA”), which imposes new rules on providers of intermediary services (e.g., cloud services, file-sharing services, search engines, social networks and online marketplaces). The DSA will enter into force on November 16, 2022 — although it will only fully apply as of February 17, 2024.
European Commission publishes its Proposal for a European Media Freedom Act
On September 16, 2022, the European Commission published its Proposal for a European Media Freedom Act (“Proposed MFA”). The Proposed MFA is broadly designed to protect media pluralism and independence in the EU. It does so by setting a common set of rules “for all EU media players,” in particular, providers of “media services.” The
The Digital Markets Act for Privacy Professionals
This post is the first of a series of blog posts about the Digital Markets Act (“DMA”), which was adopted on July 18, 2022, and it deals specifically with those provisions of the DMA that are relevant to organizations’ privacy programs.
White House Releases Blueprint for AI Bill of Rights
On September 4th, the White House Office of Science and Technology Policy (“OSTP”) released its Blueprint for an AI Bill of Rights (“Blueprint”), which identifies five principles to minimize potential harms stemming from certain applications of AI. The Blueprint recognizes the “extraordinary benefits” that AI can provide, and the Blueprint states that harms stemming from
Colorado Attorney General Issues Draft Rules Under the Colorado Privacy Act
The Colorado Department of Law issued draft rules implementing the Colorado Privacy Act. The proposed draft rules will be published in the Colorado Register and available for comment on October 10, 2022.