Latest Posts
Search for:
Author

Justine Phillips

Browsing
In Artificial Intelligence

Biden’s Wide-Ranging Executive Order on Artificial Intelligence Sets Stage For Regulation, Investment, Oversight and Accountability

by , , , , , , , , , , , , , , , , , , , , , , and 6 Mins Read

On October 30, 2023, President Biden issued a 63-page Executive Order to define the trajectory of artificial intelligence adoption, governance and usage within the United States government. The Executive Order outlines eight guiding principles and priorities for US federal agencies to adhere to as they adopt, govern and use AI. While safety and security are predictably high on the list, so too is a desire to make America a leader in the AI industry including…

In California Privacy Law

United States: California strengthens privacy protections for specific data types concerning citizenship and reproductive healthcare

by , , and 7 Mins Read

In brief On October 8, 2023, California Governor Gavin Newsom signed two bills into law amending the California Consumer Privacy Act (CCPA). AB 947 classifies citizenship and immigration status as “sensitive personal information” subject to special protections under the CCPA, while AB 1194 strengthens reproductive privacy rights. Both bills carried the unanimous endorsement of the California Privacy Protection Agency. Details for each bill are described below followed by actionable guidance businesses can take to prepare…

In California Privacy Law

Key Takeaways from CPPA’s Public Meeting Discussing Risk Assessments and Cybersecurity Audits

by and 3 Mins Read

As we previously covered in a post earlier this month, the California Privacy Protection Agency (“CPPA”) has published draft regulations on risk assessments and cybersecurity audits required by the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”). On September 8, the CPPA held a public board meeting that included discussion of select portions of the regulations. Prior to the meeting, the board circulated copies of the draft regulations for…

In Artificial Intelligence

First Look at California Privacy Protection Agency’s Proposed Regulations on Risk Assessments

by , , and 3 Mins Read

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) published draft regulations on risk assessments and cybersecurity audits required by the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”). The CPPA will discuss the draft regulations at the upcoming public meeting on September 8, 2023. The draft regulations make clear that the CPPA has not yet begun formal rulemaking, and that the draft regulations are “intended to facilitate…

In Artificial Intelligence

Check Yourself Before You Wreck Yourself: New York and Other States Have Big Plans For Employer Use of AI and Other Workplace Monitoring Tools

by , , , , , and 6 Mins Read

New York may soon restrict employers and employment agencies from using fully-automated decision making tools to screen job candidates or make other employment decisions that impact the compensation, benefits, work schedule, performance evaluations, or other terms of employment of employees or independent contractors. Draft Senate Bill 7623, introduced August 4, aims to limit the use of such tools and requires human oversight of certain final decisions regarding hiring, promotion, termination, disciplinary, or compensation decisions. Senate Bill…

In Cybersecurity

SEC Adopts Final Cybersecurity Rules

by , , , , , , , , , , , , , , , , , , , and 8 Mins Read

In brief On July 26, 2023, the U.S. Securities and Exchange Commission (“SEC”) approved the final rules for Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (“Final Rules”). As previously reported, the SEC first proposed amendments to its rules on disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies on March 9, 2022 (“Proposed Rules”). Similar to the Proposed Rules, the Final Rules, broadly speaking, require (i) issuers to make disclosures…