Recently, the European Data Protection Board (EDPB) adopted an opinion addressing key data protection concerns arising from the use of Artificial Intelligence (AI) models. The opinion specifically focuses on how GDPR...more
1/3/2025
/ Anonymization ,
Artificial Intelligence ,
Cybersecurity ,
Data Processing Rules ,
Data Processors ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Impact Assessments ,
Personal Data
The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more
12/10/2024
/ Breach Notification Rule ,
Corporate Fines ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Financial Services Industry ,
GEICO ,
Incident Response Plans ,
Insurance Industry ,
NYDFS ,
Personally Identifiable Information ,
Privacy Laws ,
Risk Mitigation ,
Security and Privacy Controls ,
Sensitive Personal Information ,
State Privacy Laws ,
Travelers Property Casualty Co.
This month, an interim report on artificial intelligence in the financial sector was published for public comment. The report was written by the Ministries of Justice and Treasury, the Competition Authority, the Securities...more
11/25/2024
/ Artificial Intelligence ,
Cybersecurity ,
Discrimination ,
Financial Institutions ,
Financial Regulatory Agencies ,
Financial Services Industry ,
Fraud ,
Information Reports ,
Insurance Industry ,
Investment Adviser ,
Israel ,
Portfolio Managers ,
Risk Assessment ,
Risk Mitigation ,
Underwriting
The Israeli Privacy Protection Authority recently published a binding directive addressing the board of director’s responsibilities for the fulfillment of a company’s obligations prescribed in the Privacy Protection...more
The Knesset Constitution, Law, and Justice Committee has approved an amendment to the Israeli Privacy Protection Law (PPL). The amendment proposes extensive changes to the PPL, including granting additional enforcement powers...more
7/23/2024
/ Amended Legislation ,
Consent ,
Consumer Privacy Rights ,
Data Controller ,
Data Processors ,
Data Protection Authority ,
Enforcement ,
Israel ,
Notice Requirements ,
Personal Data ,
Privacy Laws ,
Registration Requirement ,
Sensitive Personal Information
The Dutch Data Protection Authority (AP) has recently issued new guidance on data scraping. The guide highlights the significant legal risks it poses to personal data and the restrictions required under the GDPR....more
On April 7, 2024, a draft of the American Privacy Rights Act was introduced. Bringing forth this bipartisan-supported bill represents a significant step toward privacy regulation in the United States. The proposed act brings...more
5/2/2024
/ California Privacy Rights Act (CPRA) ,
Consent ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Legislation
The French Data Protection Authority (CNIL) recently imposed a EUR 310,000 fine, representing 1% of its turnover, on FORIOU, a telemarketing company promoting loyalty programs. The fine stemmed from FORIOU’s use of...more
3/27/2024
/ CNIL ,
Corporate Fines ,
Customer-Loyalty Programs ,
Data Brokers ,
Data Collection ,
Enforcement Actions ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
Personal Data ,
Regulatory Violations ,
Telemarketing ,
Website Design ,
Websites
On March 13, 2024, the European Parliament approved the AI Act regulating the use of artificial intelligence in the Union. This is groundbreaking legislation and the first of its kind in the world, aimed at creating effective...more
A California court recently ruled that enforcement of the California Privacy Protection Act (CPPA/CPRA) regulations should begin immediately, following a stay of enforcement proceedings by the court....more
During 2023, privacy protection and artificial intelligence regulation continued apace and their implications continued to be a major focus in Israel and around the world. In Israel, this was reflected in a number of...more
1/29/2024
/ Artificial Intelligence ,
Cyber Attacks ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Monitoring ,
Enforcement ,
EU ,
European Economic Area (EEA) ,
Facebook ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Israel ,
New Guidance ,
Privacy Framework ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Authority ,
Remote Working ,
Surveillance ,
TikTok ,
UK GDPR
Examining AI tools: Before deciding to purchase and implement AI tools in an organization, one must consider various aspects, including privacy issues, discrimination, copyright protection, and suppliers and contracts. The...more
The Regional Labor Court in Tel Aviv recently ruled that an employer that installed surveillance cameras in the workplace caused a tangible adverse change in its employee’s employment conditions. The employee resigned from...more
The Israel Police’s use of AI tools was criticized by the District Court recently, in light of the police’s claim that the AI system operates like a “black box” without human supervision or monitoring. The court ruling...more
In September 2023, the UK Online Safety Bill, which seeks to increase online safety and security, particularly child safety when using various online platforms, passed its final parliamentary debate. On October 26, the bill...more
A few days ago, United States President Joe Biden signed the “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.” The purpose of the executive order is to determine the US...more
Working from home requires heightened attention to compliance with privacy protection and data security laws. The basis for such compliance, inter alia, is the Israeli Privacy Protection Authority’s guidelines, “Emphases for...more
The Israeli Privacy Protection Authority recently published a draft directive regarding boards of directors’ role in fulfilling obligations pursuant to the Privacy Protection (Data Security) Regulations. The directive states...more