On December 8, 2023, the California Privacy Protection Agency (CPPA) Board discussed a draft of its forthcoming artificial intelligence (AI) regulations on automated decision making technology (ADMT). The proposed regulations, published earlier on November 27, 2023, would impose significant new requirements on businesses subject to the California Consumer Privacy Act (CCPA) that use ADMT for
The Data Advisor
Unique Insights on Privacy and Data Protection Worldwide
Blog Authors
Latest from The Data Advisor
EU Lawmakers Reach Political Agreement on the AI Act
On December 8, 2023, the EU finally agreed on the world’s first comprehensive legal framework on AI: the AI Act. EU lawmakers reached a political agreement on a series of controversial issues after record-long negotiations. They are expected to formally adopt the agreed text within the next couple of months. If adopted, the AI Act…
Weaponization of Data Subject Access Requests in the EU
Individuals are increasingly making use of their right to access their personal data under applicable privacy laws in the EU.
It can be a challenge for companies to handle such requests, and in particular, if a request concerns a complex data set, there are a high number of requests, or the right is exercised for…
10 Things You Should Know About the EU Artificial Intelligence Act
FTC Amends Safeguard Rule with Requirement for Non-Banking Financial Institutions to Report Data Security Breaches
On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data breaches and other security events to the agency.…
New Proposed Rules Published for Cyber Incident Reporting and Cybersecurity Requirements Will Have Major Impacts on Federal Contractors
Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal contractors. These rules implement the May 2021 Executive Order on Improving the Nation’s Cybersecurity.1 One rule applies to any federal contractor that uses…
Coalition of States Sues Meta for Alleged Harms to Children and Teens, and Alleged COPPA Violations
On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce young users’ compulsive and extended use.[1] According to the complaint, which is currently heavily redacted, Meta engaged in a…
California Enacts One-Stop Mechanism for Data Broker Deletion Requests
California residents may soon be able to click “backspace” on data brokers doing business in the state. On October 10, 2023, California Governor Gavin Newsom signed Senate Bill 362, colloquially known as the Delete Act, into law. The statute amends the state’s existing data broker registration law and builds on the state’s primary privacy law,…
CFPB Announces Proposed Rules to Accelerate Open Banking
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the Dodd-Frank Act, which provides consumers the right to access and port their financial information between banks and other financial entities. CFPB Director Rohit Chopra …
FTC Seeks Comments on Proposed Rule Requiring Disclosure of Fees in Consumer Goods and Services
Last week, the Federal Trade Commission (FTC) announced a proposed rule that would regulate a broad range of “junk fees” in consumer goods and services, from resort fees associated with travel and lodging, to delivery fees associated with meal and grocery delivery, to convenience fees associated with financial services (the proposed rule). The proposed rule…