On September 29, 2024, California Governor Gavin Newsom vetoed Senate Bill 1047, which would have enacted the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (the âActâ) to create a comprehensive regulatory framework for the development of artificial intelligence models. The veto embodies the dilemma that has emerged around the regulation of AI applications: how can laws prevent harms in the use and development of AI, while promoting innovation and harnessing the power…
âNeural dataâ is the newest addition to the ever expanding California Consumer Privacy Act (CCPA). Signed into law on September 28, 2024, SB 1223 amends the CCPA to add âpersonal information that reveals neural dataâ to the categories of personal information that constitute sensitive personal information. It further amends the CCPA to define âneural dataâ as âinformation that is generated by measuring the activity of a consumerâs central or peripheral nervous system, and that is…
In Brief On May 17, 2024 Colorado Governor Polis signed the landmark Colorado AI Act (Senate Bill 24-205) into law. Colorado is now the first US state with comprehensive AI regulation, adopting a classification system like the European Unionâs recent AI Act. The law will take effect February 1, 2026. The law exempts small employers (fewer than fifty full-time employees) from some of its requirements but otherwise requires companies to take extensive measures to protect…
On January 18, 2024, the New Hampshire legislature passed SB255, making the Granite State the 14th US state to pass a consumer privacy lawâand the second state to do so in January. Following enrolmentâa formality to excise clerical errorsâthe bill will move to Governor Chris Sununuâs desk for final enactment. If it becomes law, SB255 will go into effect on January 1, 2025, giving businesses less than one year to ensure compliance with the new…
28 January 2024 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europeâs Convention 108. Data Privacy Day encourages the global community to think about the importance of respecting privacy, safeguarding data, and enabling trust. In an increasingly connected and digitized world, where data protection, privacy and cybersecurity regulation are rapidly evolving, the work of the global data community is more vital, and more challenging,…
Sending a clear message, the Federal Trade Commission (FTC) announced the settlement of two separate enforcement actions against data brokers for selling precise location data that may be used to reveal sensitive information. On January 9, the FTC settled with Outlogic, LLC (formerly X-Mode Social) over allegations that it failed to obtain meaningful consent from consumers before collecting and selling data that could be used to track visits to sensitive locations like clinics and places of…
New Jersey is the 13th US State to Pass Comprehensive Consumer Privacy Legislation Consistent with our prediction that 2024 will bring a significant crop of new state consumer privacy laws, the New Jersey legislature recently became the 13th state to pass a comprehensive privacy statute. On January 8âthe final day of its 2022-2023 legislative sessionâthe Senate passed bill S332. Once enactedâeither with Governor Phil Murphy signing the bill or after 45 days if he takes…
On December 21, 2023 the Federal Communications Commission (FCC) issued updates to its Data Breach Notification Rule, which applies to telecommunications carriers, as well as to voice over internet protocol (VoIP) and telecommunications relay service (TRS) providers. The updated Data Breach Notification Rule marks the most significant changes to the Rule since its adoption 16 years ago and modernizes the FCC requirements by bringing them more closely in line with other breach reporting obligations. The…
This past year brought the rapid rise of ChatGPT and other generative AI platforms, accompanied by several noteworthy legal and regulatory developments. 2024 promises to continue with technology advances, making it a pivotal year for businesses navigating global data privacy and cybersecurity risks. Our Baker McKenzie Top 10 predictions for 2024 follow. As is evident, 2024 will be a critical year for global data privacy and cybersecurity. We welcome your thoughts and predictions. Please feel…
On October 30, 2023, President Biden issued a 63-page Executive Order to define the trajectory of artificial intelligence adoption, governance and usage within the United States government. The Executive Order outlines eight guiding principles and priorities for US federal agencies to adhere to as they adopt, govern and use AI. While safety and security are predictably high on the list, so too is a desire to make America a leader in the AI industry including…