On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
6/3/2024
/ Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-In ,
Popular ,
Right of Access ,
Sensitive Personal Information ,
State Data Privacy Laws
On May 15, 2024, the Senate AI Working Group—Senate Majority Leader Chuck Schumer (D-NY) and Sens. Mike Rounds (R-SD), Todd Young (R-IN), and Martin Heinrich (D-NM)—issued their long-anticipated Roadmap for Artificial...more
5/17/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Privacy ,
Financial Services Industry ,
Fraud ,
General Elections ,
Healthcare ,
Innovation ,
Intellectual Property Protection ,
Investment ,
Machine Learning ,
National Security ,
NIST ,
Policies and Procedures ,
Proposed Legislation ,
Research and Development ,
Risk Mitigation
In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
5/14/2024
/ Consumer Privacy Rights ,
Covered Entities ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
EU ,
Exemptions ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Privacy Laws
Effective May 1, 2024, companies must face new artificial intelligence (AI) disclosure requirements in Utah. The Utah AI Policy Act (AI Act) amends the Utah Consumer Privacy Act (UCPA) and Utah Consumer Sales Practices Act...more
Key Points - On Sunday, April 7, Senate Commerce Committee Chair Maria Cantwell (D-WA) and House Energy and Commerce (E&C) Committee Chair Cathy McMorris Rodgers (R-WA) struck a deal on a comprehensive federal bill, the...more
Welcome to the March edition of Akin Intelligence. This month, the EU AI Act was approved by the European Parliament, moving one step closer to becoming the first major AI law. In the U.S., the DOJ brought criminal charges...more
4/10/2024
/ Artificial Intelligence ,
Biden Administration ,
Commercial Litigation ,
Copyright ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Data Security ,
EU ,
Executive Orders ,
Healthcare ,
Innovative Technology ,
Intellectual Property Protection ,
Legislative Agendas ,
Life Sciences ,
Machine Learning ,
National Security ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
State and Local Government ,
Technology Sector ,
UK
On February 9, 2024, California’s Third District Court of Appeals ruled that the California Privacy Protection Agency (CPPA) may begin enforcing its finalized data privacy regulations immediately, overturning the lower...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
12/4/2023
/ Artificial Intelligence ,
Biden Administration ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Executive Orders ,
Legislative Agendas ,
Machine Learning ,
National Security ,
New Legislation ,
NIST ,
Personal Information ,
Popular ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
Technology Sector
On July 31, 2023, the California Privacy Protection Agency (CPPA) announced an enforcement review of the data privacy practices of connected vehicle (CV) manufacturers and technologies. This marks the first time the state’s...more
On August 7, 2023, the Commissioner of Data Protection of the Dubai International Financial Centre (the DIFC), a financial free-zone in the United Arab Emirates, issued the first adequacy decision regarding the California...more
8/18/2023
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Dubai ,
Information Governance ,
International Data Transfers ,
Personal Data ,
United Arab Emirates (UAE)
On May 11, 2023, Tennessee joined the rapidly growing ranks of U.S. states to enact a comprehensive data privacy law as Gov. Bill Lee (R-TN) signed the Tennessee Information Protection Act (TIPA) into law. Taking effect July...more
In a policy statement released on May 18, 2023, the Federal Trade Commission (FTC) warned of several consumer data privacy risks related to the increasing commercial use of biometrics technologies. The Commission unanimously...more
On June 18, 2023, Texas enacted the Texas Data Privacy and Security Act (TDPSA), joining the rapidly growing list of U.S. states with comprehensive data privacy laws.1 The statute will take effect on July 1, 2024, except for...more
As state-level data protection legislation steadily expands, one of the country’s early comprehensive privacy laws to be enacted, the Connecticut Data Privacy Act (CTDPA), will take effect on July 1, 2023. The CTDPA imposes...more
Key Points -
The FCC has launched a new “Privacy and Data Protection” Task Force to coordinate rulemaking and enforcement across the agency.
Chairwoman Rosenworcel called on her fellow Commissioners to finalize...more
On May 4, 2023, an Idaho federal judge ruled that the Federal Trade Commission (FTC) needs stronger assertions of consumer harm in order for its data privacy suit against data broker/mobile analytics provider Kochava Inc....more
On April 27, 2023, Washington Governor Jay Inslee signed the My Health My Data Act (the “Act”) into law, establishing new limits on the collection, use and sharing of “consumer health data” and creating numerous compliance...more
The Illinois Supreme Court issued a pair of decisions related to the Illinois Biometric Information Privacy Act (BIPA) that continue to ratchet up compliance pressure on businesses. On February 17, 2023, the Illinois Supreme...more
On March 29, 2023, Iowa Gov. Kim Reynolds signed into law Senate File 262, the Iowa Act Relating to Consumer Data Protection (ICDPA). Taking effect nearly two years from now on January 1, 2025, the ICDPA makes Iowa the sixth...more
The U.S. Department of Health and Human Services (HHS) continues to play a central role in helping health care organizations defend against cybersecurity threats, issuing cybersecurity briefs and a new cybersecurity framework...more
On March 15, 2023, the Colorado Attorney General (AG) finalized its set of regulations implementing the Colorado Privacy Act (CPA) – the Colorado Privacy Act Rules (“Colorado Rules”). The Colorado Rules clarify and expand...more
On April 19, 2023, the New York Attorney General (AG) published “Protecting Consumer’s Personal Information: Tips for Businesses to Keep Data Safe and Secure,” outlining data security best practices based on the AG’s...more
On March 30, 2023, the California Privacy Protection Agency (CPPA) announced that the California Office of Administrative Law (OAL) has approved the CPPA’s regulations and filed them with the Secretary of State, completing...more
Growing regulatory action to combat so-called “dark patterns” used in web design to influence consumer choice has resulted in hundreds of millions of dollars in fines, and promises to continue to be an area of enforcement in...more
The National Institute for Standards and Technology (NIST) recently unveiled the first version of its Artificial Intelligence Risk Management Framework (AI RMF 1.0, or “Framework”). This highly anticipated and detailed...more