Feb. 5, 2025
Feb. 5, 2025
AI Meets GDPR: EDPB Weighs In on AI Models
Responding to a request from the Irish Data Protection Commission, the European Data Protection Board (EDPB) issued an opinion late last year addressing data protection concerns in the development and deployment of AI models (Opinion). In its densely packed Opinion, the EDPB reviewed whether AI models trained with personal data can be considered anonymous, notably not taking a hard line on the answer, and instead emphasizing the need for a case-by-case assessment. This first article in a two-part series, including insights from Bird & Bird, McDermott Will & Emery, Morrison Foerster and Steptoe, examines the Opinion’s key determinations and their implications for entities subject to the GDPR. Part two will address legal risks and best practices for controllers related to the processing of personal data in the context of AI development and deployment. See “Can GDPR Hinder AI Made in Europe?” (Jul. 10, 2019). Read full article …
California’s Pending Automated Decision-Making Technology Regulations Will Further Focus Consumers’ Attention on AI
Legislators, including in California, had a busy 2024, enacting laws intended to get ahead of some of the negative consequences of widespread use of AI. Several state AGs have been busy issuing AI-related guidance to their residents and businesses as well. In California, less than two weeks into the new year, AG Rob Bonta issued two legal advisories reminding California’s consumers of their rights and reminding businesses that develop or use AI about their legal obligations under California law. Only a few weeks before Bonta issued the advisories, the California Privacy Protection Agency initiated the formal rulemaking process for proposed regulations for insurance, cybersecurity audits, risk assessments and automated decision-making technology. In this guest article, Thompson Coburn partner Luke Sosnicki examines the advisories and proposed regulations, discusses what businesses can expect when the drafts are made final, and offers practical advice to help businesses assess and prepare to comply with the final rules. See “Navigating Ever-Increasing State AI Laws and Regulations” (Jan. 15, 2025). Read full article …
How the 2025 Cybersecurity Executive Order Affects Business
On January 16, 2025, then-President Biden signed Executive Order 14144 on Strengthening and Promoting Innovation in the Nation’s Cybersecurity (EO). It calls for cybersecurity enhancements in government and business and its intent is to use the power of public procurements to encourage businesses to boost precautions. The EO was issued just before the start of the current administration but was not among those revoked by President Trump in his opening days. This article examines the EO with insights from industry, law firms and government. See “Preparing to Comply With the Protecting Americans’ Data From Foreign Adversaries Act” (Jun. 5, 2024). Read full article …
Cybersecurity Partner Joins Nelson Mullins in Washington, D.C.
Nelson Mullins has welcomed Kenya Dixon as a partner in its cybersecurity & data breach response and litigation practices in Washington, D.C. Dixon joins from TechCentrics. Read full article …
Most-Read Articles
-
Jan. 8, 2025
How to Adjust to the FTC’s Crackdown on Sensitive Location Data -
Jan. 8, 2025
Website Privacy Compliance Statistics and Practical Takeaways -
Jan. 15, 2025
Children’s Privacy Grows Up: Examining New Laws That Now Protect Older Teens -
Jan. 15, 2025
Five Steps for Effective Board Oversight on Cybersecurity Breach Response -
Jan. 15, 2025
Navigating Ever-Increasing State AI Laws and Regulations