Top News - U.S. Senate Releases AI Roadmap Prioritizing Innovation and Regulation; Illinois House Passes Amendment to Biometric Privacy Law and more
U.S. Senate Releases AI Roadmap Prioritizing Innovation and Regulation
A U.S. Senate working group unveiled the "Driving U.S. Innovation in Artificial Intelligence" roadmap, emphasizing AI innovation and regulatory guidance. The 31-page document recommends an annual investment of at least $32 billion in AI and suggests examining existing regulations for AI applications. Key proposals include federal privacy law and protections for personal likeness. The roadmap, led by Senate Majority Leader Chuck Schumer and others, aims to stimulate bipartisan AI legislation. It calls for public transparency in AI systems, content provenance in AI products, and safeguarding against unauthorized use of personal data. The roadmap also addresses workforce concerns and recommends the CREATE AI Act to support national AI research. Read more
Vermont Nears Groundbreaking Privacy Law with Private Right of Action
The Vermont General Assembly has passed House Bill 121, introducing a comprehensive privacy framework including a private right of action (PRA). The bill requires data minimization, protects children's and consumer health data, mandates user opt-out mechanisms, and requires data protection assessments. The PRA allows lawsuits against large data holders and data brokers, set to take effect in 2027. The bill is pending review and approval by Governor Phil Scott, with an effective date of July 1, 2025. This legislation marks a significant step for privacy advocates and sets a precedent for other states. Read more
Colorado Legislature Passes Bill on Children's Online Data Privacy
On May 14, 2024, Senate Bill 24-041 on Privacy Protections for Children's Online Data was signed by the Colorado House Speaker and State Senate President. The bill, now awaiting the Governor's signature, aims to amend the Colorado Privacy Act by adding protections for minors' online activities. It applies to data controllers operating in Colorado or targeting Colorado residents and defines minors as individuals under 18. The bill outlines a "heightened risk of harm to minors," including unfair treatment, financial or reputational injury, and unauthorized data disclosures. Data controllers must use reasonable care to mitigate such risks, with a rebuttable presumption in enforcement actions by the Attorney General. Read more
Irish DPC Investigates Dell Data Breaches
Ireland’s Data Protection Commission (DPC) is investigating two recent data breaches involving Dell customer information. Dell notified regulators and affected customers that the breaches exposed the names, physical addresses, phone numbers, email addresses, and order information of EU customers. The breaches were executed by a threat actor named Menelik, who exploited vulnerabilities in two different Dell portals. The DPC, known for enforcing GDPR, is assessing the situation. Companies violating GDPR can face fines of up to 4% of their annual global revenue. Read more
Illinois House Passes Amendment to Biometric Privacy Law
The Illinois House passed legislation to amend the state's biometric privacy law, limiting potential damages. The original 2008 law requires consent for collecting biometric data and allows individuals to sue for violations. The amendment specifies that violations occur only once per instance of data collection without consent instead of each time data is used. The bill passed with an 81-30 vote and now awaits Governor J.B. Pritzker’s decision. This move follows the Illinois Supreme Court’s 2023 suggestion to address excessive damage awards in biometric privacy cases. Read more
Comments