Listen to this post

On May 4, 2023, the Florida Senate and House of Representatives voted in favor of sending the Florida Digital Bill of Rights (“FDBR”) and other amendments related to government moderation of social media and protection of children in online spaces (S.B. 262) to Governor Ron DeSantis for signature. Unlike the other comprehensive state privacy laws that have been enacted, the FDBR applies to a much narrower subset of entities.

Continue Reading Florida Comprehensive State Privacy Law Sent to Governor for Signature
Listen to this post

On May 16, 2023, the French Data Protection Authority (the “CNIL”) announced its action plan on artificial intelligence (the “AI Action Plan”). The AI Action Plan builds on prior work of the CNIL in the field of AI and consists of a series of activities the CNIL will undertake to support the deployment of AI systems that respect the privacy of individuals.

Continue Reading CNIL Publishes Action Plan on AI
Listen to this post

On May 5, 2023, New York Attorney General Letitia James released proposed legislation that seeks to regulate all facets of the cryptocurrency industry. Entitled the “Crypto Regulation, Protection, Transparency, and Oversight (CRPTO) Act,” if enacted the bill would substantially expand New York’s oversight of crypto enterprises conducting business in the Empire State, including as to matters involving privacy and cybersecurity.

Continue Reading New York Attorney General Proposes Crypto Regulation, Protection, Transparency, and Oversight (CRPTO) Act
Listen to this post

On May 4, 2023, the Biden-Harris Administration announced new actions to promote responsible American innovation in artificial intelligence (“AI”). The Administration also met with the CEOs of Alphabet, Anthropic, Microsoft and OpenAI as part of the Administration’s broader, ongoing effort to engage with advocates, companies, researchers, civil right organizations, not-for-profit organizations, communities, international partners, and others on critical AI issues. These efforts build upon the steps the Administration has taken so far, including the Blueprint for an AI Bill of Rights issued by the White House Office of Science and Technology Policy (“OSTP”) and the  AI Risk Management Framework released by the National Institute of Standards and Technology (“NIST”). The Administration is also actively working to address national security concerns raised by AI, especially in critical areas like cybersecurity, biosecurity and safety. 

Continue Reading Biden-Harris Administration Announces New Actions to Promote Responsible Artificial Intelligence Innovation
Listen to this post

On May 11, 2023, at a plenary session, the European Parliament voted to adopt a resolution on the adequacy of the protection afforded by the EU-U.S. Data Privacy Framework (the “Framework”) which calls on the European Commission (the “Commission”) to continue negotiations with its U.S. counterparts with the aim of creating a mechanism that would ensure equivalence and provide the adequate level of protection required by EU data protection law.  The text was adopted with 306 votes in favor, 27 against and 231 abstaining. This resolution follows the draft motion (summary available here) which was published in February 2023 and urged the Commission not to adopt adequacy based on the Framework.

Continue Reading European Parliament Adopts EU-U.S. Data Privacy Framework Resolution
Listen to this post

On May 10, 2023, the Texas Senate passed H.B. 4, also known as the Texas Data Privacy and Security Act (“TDPSA”). The TDPSA now heads to a conference committee between the Texas Senate and House to rectify the differences between the Senate and House versions. If the TDPSA is signed into law, Texas could become the tenth state to enact comprehensive privacy legislation.

Continue Reading Texas Senate Passes Texas Data Privacy and Security Act
Listen to this post

On May 4, 2023, the California Privacy Protection Agency (“CPPA”) Board announced that it will hold a public meeting on May 15, 2023 to discuss California Privacy Rights Act of 2020 (“CPRA”) regulations proposals and priorities, and other CPPA activities.

Continue Reading CPPA Board to Hold Meeting to Discuss CPRA Regulations Proposals and Priorities
Listen to this post

On May 4, 2023, the Court of Justice of the European Union (“CJEU”) issued a judgment in the Österreichische Post case (C-300/21). In the decision, the CJEU clarified that a mere infringement of the EU General Data Protection Regulation (“GDPR”) is not sufficient to give data subjects the right to receive compensation under Article 82 of the GDPR. Article 82 provides that any person who has suffered material or non-material damage as a result of an infringement of this Regulation shall have the right to receive compensation from the controller or processor for the damage suffered.”

Continue Reading CJEU Determines that a Mere Infringement of the GDPR is not Sufficient to Require Compensation
Listen to this post

On April 25, 2023, officials from the Federal Trade Commission, Consumer Financial Protection Bureau (“CFPB”), Department of Justice’s Civil Rights Division (“DOJCRD”) and the Equal Employment Opportunity Commission (“EEOC”) released a Joint Statement on Enforcement Efforts against Discrimination and Bias in Automated Systems (“Statement”), also sometimes referred to as “artificial intelligence” (“AI”).

Continue Reading FTC, DOJ, CFPB and EEOC Release Joint Statement on Enforcement Against Unlawful Use of Automated Systems