In a ruling published May, 4, the Federal District Court of Idaho granted defendant data broker Kochava’s motion to dismiss a complaint filed by the Federal Trade Commission (“FTC”). In its complaint, the FTC alleged that Kochava’s sale of precise consumer geolocation data constituted an unfair act or practice in violation of Section 5 of
Webinar Recording – Artificial Intelligence: An Overview of the U.S. and EU Regulatory Landscape
The emergence of tools like ChatGPT has demonstrated the tremendous business potential for artificial intelligence. At the same time, businesses need to be aware of the growing patchwork of laws and regulations in the U.S. and EU governing the development and use of AI. In this webinar, Ballard Spahr privacy & data security lawyers
Utah Poised to Pass Law Restricting Teen Access to Social Media
Utah Governor Spencer Cox is expected to signed SB 152, which was passed by both the House and Senate as of March 13, 2023. With this bill, Utah would join California in passing legislation designed to protect children from online harms. However, unlike the California Age-Appropriate Design Code, the Utah law will provide
Managing Legal Issues From the Use of ChatGPT and Generative AI
The AI application ChatGPT quickly became a household name, but already is morphing into a more advanced version of generative AI. At the same time, Microsoft’s redesigned Bing search engine will soon run on a new, next-generation OpenAI large language model. While these tools have demonstrated that generative AI has tremendous operational and business potential
California Enforcement Sweep Targets Mobile Apps – With a Focus on Honoring “Permission Slip” App
On Friday, January 27, California Attorney General Rob Bonta announced an investigative sweep of businesses that provide mobile apps, issuing warning letters to those that AG Bonta alleges failed to comply with the California Consumer Privacy Act (CCPA). This sweep focused specifically on “popular retail, travel, and food service industry apps” that failed to comply
2023 Privacy and Data Security Preview
2022 proved to be an historic year for privacy and data security. Connecticut and Utah joined the list of states that have now passed comprehensive data privacy laws, bringing the total to five (5) states. For the first time, federal privacy legislation advanced to a House Subcommittee, and though the American Data Privacy and Protection
FTC Requires Data Minimization in Drizly Enforcement Action
In a recent enforcement action against online alcohol delivery service Drizly and its CEO, James Rellas, the Federal Trade Commission (FTC) made clear its focus on data minimization and limitations on the secondary uses of data. Although the action arose out of a common security failure—the sort that has been the subject of numerous prior
CPPA Publishes Updated Draft CPRA Regulations
On October 17, the California Privacy Protection Agency (“CPPA”) published the first revisions to the CPRA regulations. This draft includes an extensive list of proposed changes in advance of the CPPA Board public hearing, scheduled to begin on October 21st. In addition to the newest draft regulations, the CPPA published a
CPRA’s Employee and B2B Exemptions Appear Destined to Sunset
The August 31 closing of the California legislative session likely marked the end of hopes for an extension of the limited exemptions for employee and business-to-business (B2B) data that have existed for the California Consumer Privacy Act (“CCPA”) since its inception. As a result, when the the California Privacy Rights Act (CPRA) goes into effect
New York Restricts Automated Decision Making in Employment
Businesses operating in New York City should be aware of a local law addressing the use of automated employment screening and decision-making tools coming into effect on January 1, 2023. This law applies broadly to employers and employment agencies operating in New York City that target New York City residents using what it refers to