If passed, SB-1047, the California Safe and Secure Innovation for Frontier Artificial Intelligence Model Act, would introduce product safety, documentation and reporting obligations on developers of AI systems. Currently awaiting passage in the state Assembly, the bill would be a landmark regulation for the burgeoning AI industry. The law as currently written would mainly target larger AI projects developed by companies with extensive resources, rather than smaller startups. However, operators of data centers would also…
The United States Securities and Exchange Commission surprised the crypto community on May 23, 2024, when it effectively approved the sale of spot Ether Exchange-Traded Funds (ETFs). First, some historical context. In 2013, Gemini founders Tyler and Cameron Winklevoss first sought to launch a Bitcoin ETF. The SEC rejected that application and, for about 10 years, rejected all other applications to list spot Bitcoin ETPs (an Exchange Traded Fund is the most common type of…
In the past year, news coverage on generative artificial intelligence has dominated headlines. Generative AI offers dominant functionality and opportunities to leverage incredibly powerful algorithms to make new content. One area that business leaders and research and development teams may think to use generative AI is in the realm of new inventions. However, while generative AI offers great potential, it also comes with risk. Below, we discuss patent and other IP considerations related to using…
On January 7, 2024, Chinaâs Cyberspace Administration (âCACâ) closed the public consultation period for its new cybersecurity incident reporting rules, which were released in December. If the draft rules are adopted as written, companies would be required to report certain cybersecurity incidents to the relevant Chinese regulator within one hour. The relevant regulator depends on the nature of the IT system compromised, the industry, and other factors and may be the local CAC, the public…
The California Privacy Protection Agency (âCPPAâ) held a public board meeting on December 8, 2023. As discussed in our previous article, the CPPA is in the process of preparing Draft Regulations on Cybersecurity Audits, Risk Assessments and Automated Decision-Making Technology. The Rules Subcommittee provided updates on these regulations, and Board members provided their feedback on the drafts. Key Takeaways Regarding CCPA Cybersecurity Audit Regulations Key Takeaways Regarding CCPA Risk Assessment Regulations Key Takeaways Regarding CCPA…
The Colorado Privacy Act is enforceable since July 1, 2023. Just as the California Attorney General has done through several sweeps (see here and here), the Colorado Attorney General, Phil Weiser, has announced through letters sent to business that enforcement of the Colorado Privacy Act has begun. The initial round of letters are meant to educate businesses on their new obligations, with particular emphasis on the collection and use of sensitive data and related prior…
The Information Commissionerâs Office (ICO) has published an update confirming its plans to cease enforcement of certain breaches of regulation 5A of the Privacy and Electronic Communications Regulations 2003 (PECR) against public electronic communications service providers (CSPs). Regulation 5A PECR requires CSPs to notify the ICO within 24 hours of becoming aware of a personal data breach. The ICO initially published a statement on 20 January 2023 which stated that it had decided to stop…
In recent years, CDA 230 has come under scrutiny for its alleged impact on freedoms of speech, online safety, and misinformation. We describe recent examples of lawmakers and authorities seeking to impose more onerous content moderation restrictions or obligations on digital platforms.
Children now spend a lot of time playing games online, but the gaming industry has received less scrutiny than social media or streaming platforms over privacy concerns. As gaming grows, the scale of user vulnerability increases as well. Many young people do not understand the data risks posed by online games. Luckily, privacy regulators are increasingly focusing efforts toward protecting childrenâs safety and autonomy online. Young people enjoy online games because they allow for play, learning and…
El Parlamento Europeo aprobĂł el 5 de julio el articulado final del Reglamento de Servicios Digitales (DSA) y del Reglamento de Mercados Digitales (DMA). Estas normas regulan la posiciĂłn jurĂdica de proveedores de servicios digitales de intermediaciĂłn (p. e. plataformas como marketplace, motores de bĂșsqueda, redes sociales, servicios de hosting, etc.) y, consecuentemente, afectan tambiĂ©n a todos los demĂĄs players (usuarios y empresas de todos los tamaños) que interactĂșan a travĂ©s de sus servicios.