On August 5, 2024, Illinois Governor J.B. Pritzker signed into law SB 2979, significantly amending the state’s Biometric Information Privacy Act (BIPA). This update represents a considerable decrease in the potential for exorbitant financial liabilities for businesses that engage with biometric data while still maintaining the statute’s robust protections for individuals’ biometric data. The
Privacy
A Comparison of AI Regulatory Frameworks
CFPB Issues New Rule for Recognizing Open Banking Standards
The Consumer Financial Protection Bureau (CFPB) has launched the process for independent standard-setting bodies to receive formal recognition, as part of its efforts to shift towards open banking in the United States.
On June 5, 2024, the CFPB finalized a rule outlining the minimum attributes that standard-setting bodies must exhibit to issue standards in compliance…
Minnesota Legislature Sends Privacy Bill to Governor
Minnesota becomes the latest state to move to pass legislation regulating the processing and controlling of personal data (HF 4757 / SF 4782). If signed into law by Governor Tim Walz, the Minnesota Consumer Data Privacy Act, or MCDPA, would go into effect on July 31, 2025 and provide various consumer data privacy…
Colorado Passes AI Regulation
Colorado has become the first state to pass legislation (SB24-205) regulating the use of artificial intelligence (AI) within the United States. This legislation is designed to address the influence and implications, ethically, legally, and socially, of AI technology across various sectors.
Any person doing business in Colorado, including developers or deployers of high-risk…
Webinar Recording – Your Data, My Headache: Consumer Health Data Laws
43 AGs Urge FTC to Update Child Online Privacy Rules
On March 7, 2024, a bipartisan coalition of 43 state attorneys general sent to the Federal Trade Commission (“FTC”) a letter urging the FTC to update the regulations (“COPPA Rules”) implementing the Children’s Online Privacy Protection Act (“COPPA”).
Through regulations known as the “COPPA Rule,” state attorneys general are authorized to bring actions as parens…
California Attorney General Announces Settlement with DoorDash for CCPA and CalOPPA Violations
On February 21st, the California Attorney General (AG) Rob Bonta announced a settlement with DoorDash for violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA) relating to its participation in a marketing co-operative. This action represents only the second public enforcement action since the CCPA went into effect…
Connecticut AG Issues Report to General Assembly on CTDPA
On February 1, 2024, the Connecticut Office of the Attorney General (“OAG”) submitted to the Connecticut General Assembly its report on the first six months of the Connecticut Data Privacy Act (“CTDPA”). While the report includes important information about its enforcement efforts to date, the most noteworthy aspect may be its recommendation to the legislature…
Webinar Recording – Financial Services 2024 Privacy and Cybersecurity Preview
In this month’s webcast, “Financial Services 2024 Privacy and Cybersecurity Preview,” Greg Szewczyk and Sarah Dannecker give an overview of how the privacy and cybersecurity landscape is evolving in the financial sector. From more specific data security reporting requirements to potential data subject rights to the use of artificial intelligence, the members of Ballard…