On December 5, 2024, the Colorado Department of Law adopted amended rules to the Colorado Privacy Act (CPA).
The DOL had released the first set of the proposed amended rules—which relate to the interpretative guidance and opinion letter process, biometric identifier consent, and additional requirements for the personal data of minors—on September 13, 2024. The
Colorado has become the first state to pass legislation (SB24-205) regulating the use of artificial intelligence (AI) within the United States. This legislation is designed to address the influence and implications, ethically, legally, and socially, of AI technology across various sectors.
Any person doing business in Colorado, including developers or deployers of high-risk
On November 14, 2023, the Colorado Division of Insurance’s AI insurance regulations went into effect. Colorado is now the first state in the nation to adopt regulations specifically aimed at insurance algorithms.
Colorado’s regulation requires life insurance companies to report how they review AI models and use External Consumer Data and Information Sources (ECDIS), which
The Colorado Department of Law (“DoL”) has published a shortlist of potential universal opt-out mechanisms (“UOOMs”). Beginning on July 1, 2024, companies will be required to allow consumers to opt out of the sale of their personal data or use of their personal data for targeted advertising using any UOOMs that are ultimately included in
On March 15, the Colorado Attorney General’s Office finalized the Colorado Privacy Act regulations. The finalized regulations track the draft rules. The rules will go into effect July 1, 2023.
With Colorado joining California as the only other state with rules implementing a comprehensive privacy law, businesses and practitioners have been anxiously watching to see whether a California-compliant privacy policy would also be compliant with the Colorado Privacy Act (“CPA”). And, as the Colorado Attorney General has made clear, interoperability is an important guiding
On December 21, the Colorado Attorney General released a revised draft of the Colorado Privacy Act Rules.
We will be providing in-depth analysis in coming days and weeks, but at first review, the revised rules appear to represent a fine-tuning as opposed to a complete overhaul. Some of these changes – such as additional flexibility
With its draft rules, Colorado has set forth a new model for state privacy laws. While there are many areas that are interoperable with the California model, the Colorado draft rules include important differences, as well as rules on topics that have been notably absent from California’s draft rules. Ballard partners Phil Yannella and Greg
On October 1, 2022, the Colorado Attorney General‘s Office announced that it had submitted the first draft of its Rules implementing the Colorado Privacy Act.
The draft Colorado Rules run only 38 pages long—in notable contrast to the draft California regulations that run 66 pages (albeit in redline). Moreover, the draft Colorado Rules address
Colorado Attorney General Philip Weiser gave his first public comments since April last Thursday at Ballard Spahr LLP’s 2022 Annual Colorado Privacy Summit. In an hour-long fireside chat with Ballard Spahr’s Co-Chair of Privacy and Data Security Greg Szewczyk, AG Weiser discussed the rulemaking process under the Colorado Privacy Act. A recording of the interview