Class Action Lawsuits Filed Against Major Companies Over Data Breaches

Consumers have initiated class action lawsuits against AT&T, Change Healthcare, GardaWorld, SouthState Bank, WellNow Urgent Care, The Aspen Group, Golden Corral, and American Vision Partners for alleged data breaches. These lawsuits claim the companies failed to prevent consumer data exposure, resulting in compromised personal and private information. Filed in U.S. federal courts, the lawsuits assert negligence in safeguarding data, with allegations ranging from inadequate cybersecurity measures to delayed notification of breaches. These legal actions highlight growing concerns over data protection and cybersecurity practices across various industries. Read more

General Motors Accused of Covertly Tracking Driver Data Without Consent

General Motors has been found to collect and sell data on drivers' behavior to insurance companies without informing the vehicle owners, affecting their insurance premiums. A reporter, after purchasing a Chevrolet Bolt, discovered their driving data had been shared with risk-profiling companies LexisNexis and Verisk without consent. Despite not enrolling in GM's OnStar Smart Driver service, it was later revealed that their vehicle was erroneously signed up due to a bug. Following backlash and lawsuits, GM discontinued the Smart Driver program and stopped sharing data with the mentioned companies. New internal policies and the hiring of a chief trust and privacy officer indicate GM’s shift towards enhancing customer trust and privacy. Read more

Connecticut passes its AI bill over Lamont’s objections

In a significant move, the Senate Democratic majority in Connecticut passed a bill focused on establishing state standards for artificial intelligence development and usage. The bill, which passed with a vote of 24-12 against party lines, aims to position Connecticut as a leader in setting AI regulations. Governor Ned Lamont had expressed reservations, suggesting the matter might be better handled at a federal or multi-state level, and voiced concerns about the bill’s potential negative impact on economic development. Despite adjustments made to the bill, it did not align sufficiently with the governor's concerns, leading to a rare public disagreement within the party. The bill now awaits further consideration in the House, where its future remains uncertain. Read more

CPPA Sets Schedule for Pre-Rulemaking Stakeholder Sessions on Privacy Regulations

The California Privacy Protection Agency (CPPA) will conduct three pre-rulemaking sessions across the state to introduce and gather feedback on proposed regulations regarding automated decision-making technology, risk assessments, and cybersecurity audits. These sessions are intended to inform the public and collect preliminary input prior to the commencement of the formal rulemaking process, which is expected to start later this year. The CPPA aims to clarify the contents of the draft regulations, answer questions, and explain participation methods during the forthcoming official comment period. Events are scheduled for May 13, 15, and 22 in Los Angeles, Fresno, and Sacramento, respectively, with the Sacramento session offering both in-person and virtual attendance options. Read more

Google Extends Timeline for Third-Party Cookie Phasing Out

Google announces yet another delay in the phasing out of third-party cookies in Chrome, citing ongoing industry feedback and the need for more time for regulatory review. Originally slated for the second half of Q4, the timeline now extends indefinitely, with hopes pinned on 2025. This marks the third postponement since the initial promise in 2020, with concerns from regulators and industry players contributing to the uncertainty. Despite reassurances, doubts persist regarding the feasibility of the deadline, prompting a mixed response from marketers and industry observers. Read more