On April 4, 2024, the Kentucky Governor Andy Brashear signed HB 15, enacting the Kentucky Consumer Data Protection Act (“KCDPA” or the “Act”), to make Kentucky the 15th US state to adopt a comprehensive privacy law. Kentucky joins New Hampshire and New Jersey in a trifecta of states that have enacted privacy legislation in the opening months of 2024. In the days since the KCDPA’s signing, the consumer privacy stakes have been raised, with the…
Background On February 28, 2024, California State Senator Dave Min proposed Senate Bill (SB) 1394, a new measure aimed at preventing vehicular data from being used to perpetuate domestic violence. Under the proposal, automobile manufacturers would be required to disable access to remote vehicle technologies upon the request of a victim of domestic violence. The bill arrives amid increasing reports of incidents of domestic abusers exploiting vehicular location tracking features to stalk and harass victims…
In brief Surrounded by an improbable retinue of country music stars and state lawmakers, on March 21, 2024 Tennessee Governor Bill Lee signed HB 2091, which amends the state’s right of publicity statute to create the Ensuring Likeness, Voice, and Image Security Act of 2024 (the “ELVIS Act”). The ELVIS Act is billed as the first law to protect “songwriters, performers, and music industry professionals’ voice from the misuse of artificial intelligence.” The ELVIS Act…
On February 8, 2024, the Federal Communications Commission (FCC) unanimously adopted a declaratory ruling deeming telephone calls using AI-generated voices subject to Telephone Consumer Protection Act (TCPA) restrictions on calls containing an “artificial or prerecorded voice”. According to the ruling, § 227 of the TCPA, which prohibits the initiation of “any telephone call to any residential telephone line using an artificial or pre-recorded voice to deliver a message without the prior express consent of the…
It would be an understatement to say that generative AI is taking the business world by storm. Companies are racing to find ways to integrate AI into their daily processes, and software companies are no exception. Generative AI has demonstrated a high level of compatibility with day to day software development tasks, especially those processes that are more routine. CEOs of some of the biggest tech companies in the world have even expressed that junior…
On January 18, 2024, the New Hampshire legislature passed SB255, making the Granite State the 14th US state to pass a consumer privacy law—and the second state to do so in January. Following enrolment—a formality to excise clerical errors—the bill will move to Governor Chris Sununu’s desk for final enactment. If it becomes law, SB255 will go into effect on January 1, 2025, giving businesses less than one year to ensure compliance with the new…
28 January 2024 is Data Protection Day (or Data Privacy Day outside of Europe), which marks the anniversary of the Council of Europe’s Convention 108. Data Privacy Day encourages the global community to think about the importance of respecting privacy, safeguarding data, and enabling trust. In an increasingly connected and digitized world, where data protection, privacy and cybersecurity regulation are rapidly evolving, the work of the global data community is more vital, and more challenging,…
Sending a clear message, the Federal Trade Commission (FTC) announced the settlement of two separate enforcement actions against data brokers for selling precise location data that may be used to reveal sensitive information. On January 9, the FTC settled with Outlogic, LLC (formerly X-Mode Social) over allegations that it failed to obtain meaningful consent from consumers before collecting and selling data that could be used to track visits to sensitive locations like clinics and places of…
New Jersey is the 13th US State to Pass Comprehensive Consumer Privacy Legislation Consistent with our prediction that 2024 will bring a significant crop of new state consumer privacy laws, the New Jersey legislature recently became the 13th state to pass a comprehensive privacy statute. On January 8—the final day of its 2022-2023 legislative session—the Senate passed bill S332. Once enacted—either with Governor Phil Murphy signing the bill or after 45 days if he takes…
On December 21, 2023 the Federal Communications Commission (FCC) issued updates to its Data Breach Notification Rule, which applies to telecommunications carriers, as well as to voice over internet protocol (VoIP) and telecommunications relay service (TRS) providers. The updated Data Breach Notification Rule marks the most significant changes to the Rule since its adoption 16 years ago and modernizes the FCC requirements by bringing them more closely in line with other breach reporting obligations. The…