Welcome to the April-May edition of Akin Intelligence. This edition is a double header, covering both months as we prepare for the launch of our new AI Hub—a one-stop resource for AI coverage that will launch soon. Starting...more
6/14/2024
/ Artificial Intelligence ,
Bureau of Industry and Security (BIS) ,
CFTC ,
Department of Homeland Security (DHS) ,
Draft Guidance ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Food and Drug Administration (FDA) ,
Know Your Customers ,
Machine Learning ,
Memorandum of Understanding ,
National Science Foundation ,
NIST ,
OMB ,
Risk Management ,
UK ,
USPTO
In May, the National Institute of Standards and Technology (NIST) issued updated recommendations for security controls for controlled unclassified information (CUI) that is processed, stored or transmitted by nonfederal...more
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
6/3/2024
/ Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-In ,
Popular ,
Right of Access ,
Sensitive Personal Information ,
State Data Privacy Laws
Key Points - Colorado's new Al law creates new obligations for developers and deployers of high-risk artificial intelligence (Al) systems. Similar to the EU Al Act, the law is risk-based and defines a "high-risk" Al system as...more
6/3/2024
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Bias ,
Colorado ,
Compliance ,
Disclosure Requirements ,
Governance Standards ,
High Risk Sectors ,
New Legislation ,
Penalties ,
Reporting Requirements ,
Risk Management ,
Transparency
On May 21, 2024, the European Union finalized the adoption of the groundbreaking EU Artificial Intelligence Act, a comprehensive and sector-agnostic legislation that extends globally. This 420-page Act aims to regulate the...more
6/3/2024
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Biometric Information ,
Code of Conduct ,
Compliance ,
Critical Infrastructure Sectors ,
Enforcement ,
EU ,
European Commission ,
Facial Recognition Technology ,
Information Governance ,
Machine Learning ,
Medical Devices ,
New Legislation ,
OECD ,
Penalties ,
Regulatory Standards ,
Risk Assessment ,
Risk Management ,
Supply Chain ,
Transparency ,
Voting Requirements
Key Points - Colorado’s new AI law creates new obligations for developers and deployers of high-risk artificial intelligence (AI) systems. Similar to the EU AI Act, the law is risk-based and defines a “high-risk” AI system as...more
5/28/2024
/ Algorithms ,
Artificial Intelligence ,
Colorado ,
Consumer Protection Laws ,
Disclosure Requirements ,
Documentation ,
Enforcement ,
EU ,
General Data Protection Regulation (GDPR) ,
Proposed Legislation ,
Risk Assessment ,
Risk Management ,
Transparency ,
Watershed
On 21 May 2024 the Council of the European Union (EU) announced the final approval of the landmark EU Artificial Intelligence Act (AI Act or Act). As previously highlighted (see our December 2023 alert), the AI Act is a first...more
5/24/2024
/ Artificial Intelligence ,
Data Collection ,
Enforcement ,
Ethics ,
EU ,
Facial Recognition Technology ,
Final Rules ,
Information Governance ,
OECD ,
Penalties ,
Risk Management ,
Sensitive Personal Information ,
Supply Chain ,
Transparency
Last week, the Securities and Exchange Commission imposed expanded privacy and cybersecurity obligations on fund managers and sponsors registered with the SEC as investment advisers. While many registered investment advisers...more
5/21/2024
/ Breach Notification Rule ,
Customer Information ,
Cybersecurity ,
Fund Managers ,
Incident Response Plans ,
Investment Adviser ,
Notice Requirements ,
Policies and Procedures ,
Privacy Laws ,
Private Funds ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC) ,
Sponsors
On May 15, 2024, the Senate AI Working Group—Senate Majority Leader Chuck Schumer (D-NY) and Sens. Mike Rounds (R-SD), Todd Young (R-IN), and Martin Heinrich (D-NM)—issued their long-anticipated Roadmap for Artificial...more
5/17/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Financial Services Industry ,
Fraud ,
General Elections ,
Healthcare ,
Innovation ,
Intellectual Property Protection ,
Investment ,
Machine Learning ,
National Security ,
NIST ,
Policies and Procedures ,
Proposed Legislation ,
Research and Development ,
Risk Mitigation
In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
5/14/2024
/ Consumer Privacy Rights ,
Covered Entities ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
EU ,
Exemptions ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Privacy Laws
Effective May 1, 2024, companies must face new artificial intelligence (AI) disclosure requirements in Utah. The Utah AI Policy Act (AI Act) amends the Utah Consumer Privacy Act (UCPA) and Utah Consumer Sales Practices Act...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more
4/24/2024
/ Critical Infrastructure Sectors ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Department of Defense (DOD) ,
Department of Homeland Security (DHS) ,
Enforcement ,
Extortion ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Incident Response Plans ,
Notice of Proposed Rulemaking (NOPR) ,
Ransomware ,
Reporting Requirements
On April 12, 2024, the U.S. Supreme Court issued an important decision in the case of Macquarie Infrastructure Corp. v. Moab Partners, L.P., No. 22-1165. Justice Sotomayor, writing for a unanimous Court, ruled that “pure...more
Key Points - On Sunday, April 7, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce (E&C) Committee Chair Cathy McMorris Rodgers (R-WA) struck a deal on a comprehensive federal bill, the...more
Welcome to the March edition of Akin Intelligence. This month, the EU AI Act was approved by the European Parliament, moving one step closer to becoming the first major AI law. In the U.S., the DOJ brought criminal charges...more
4/10/2024
/ Artificial Intelligence ,
Biden Administration ,
Commercial Litigation ,
Copyright ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
EU ,
Executive Orders ,
Healthcare ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Life Sciences ,
Machine Learning ,
National Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
State and Local Government ,
Technology Sector ,
UK
On March 12, 2024, the Department of Defense (DoD) finalized a rule to open its Defense Industrial Base (DIB) Cybersecurity (CS) Program to all defense contractors who own or operate an unclassified information system that...more
On February 9, 2024, California’s Third District Court of Appeals ruled that the California Privacy Protection Agency (CPPA) may begin enforcing its finalized data privacy regulations immediately, overturning the lower...more
Beginning May 11, 2024, non-banking financial institutions regulated by the Federal Trade Commission (FTC) will be required to submit notifications of data breaches or other security events that impact 500+ consumers. The FTC...more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
2/14/2024
/ Confidential Information ,
Consent ,
Data Collection ,
Data Protection ,
Data Security ,
DPPA ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Minors ,
New Jersey ,
Opt-In ,
Opt-Outs ,
Sensitive Personal Information ,
State Privacy Laws ,
Subcontractors
On January 18, 2024, the Federal Trade Commission (FTC) discussed its long-anticipated proposed changes for the Children’s Online Privacy Protection Rule (COPPA) in an open meeting. Released in a notice of proposed...more
2/14/2024
/ Biometric Information ,
COPPA ,
Data Retention ,
Data Security ,
Disclosure Requirements ,
Federal Trade Commission (FTC) ,
Minor Children ,
Notice of Proposed Rulemaking (NOPR) ,
Opt-In ,
Personal Information ,
Proposed Rules ,
Third-Party
2024 is shaping up to be a busy year in Washington for telecom, media and technology (TMT) companies. A number of notable topics will require public comment this year, including net neutrality, digital discrimination, data...more
2/9/2024
/ Artificial Intelligence ,
Broadband ,
Consumer Protection Laws ,
FCC ,
Federal Aviation Administration (FAA) ,
NDAA ,
Outer Space ,
Public Comment ,
Regulatory Requirements ,
Spectrum ,
Technology Sector ,
Telecommunications
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
2/7/2024
/ Certifications ,
Cyber Attacks ,
Cyber Incident Reporting ,
Data Deletion ,
Data Management ,
Data Protection ,
Data Retention ,
Data Security ,
Federal Trade Commission (FTC) ,
Personal Data ,
Ransomware ,
Settlement ,
Third-Party
On January 29, 2024, the Department of Commerce’s Bureau of Industry and Security (BIS) issued a proposed rule (the Proposed Rule) that would impose significant know-your-customer (KYC), monitoring and reporting obligations...more
2/2/2024
/ Biden Administration ,
Cloud Service Providers (CSPs) ,
Enforcement ,
Executive Orders ,
Foreign Jurisdictions ,
Infrastructure ,
Know Your Customers ,
Penalties ,
Proposed Rules ,
Reporting Requirements ,
Verification Requirements
Welcome to the January edition of Akin Intelligence. Artificial Intelligence (AI) remains a key area for state and federal legislators in the new year. State executives and legislators continue to propose AI-related...more
1/29/2024
/ Artificial Intelligence ,
Automated Decision Systems (ADS) ,
Biden Administration ,
Cyber Attacks ,
Employment Discrimination ,
Executive Orders ,
FCC ,
Federal Trade Commission (FTC) ,
Machine Learning ,
OMB ,
Request For Information ,
Software Developers ,
Trump Administration
The California Consumer Privacy Protection Agency (CPPA) issued draft rulemaking on automated decision-making technologies as part of its implementing regulations under the California Consumer Privacy Act (as revised, CCPA). ...more