Ireland’s DPC Issues Employee Data Protection Guidance
Ireland’s Data Protection Commission announced fresh employer guidance on handling the data of current, former and prospective employees. The DPC said the guidance is aimed at standard data collection, including employees’ names and contact information, but added employers need to also consider nontraditional data like “information on occupational health, sick leave, performance reviews or disciplinary actions.” The guidance also includes guidelines for employee monitoring and tracking.
White House Takes Aim at AI Risk Mitigation
U.S. President Joe Biden announced a series of actions to “further promote responsible American innovation in artificial intelligence and protect people’s rights and safety.” The administration said the U.S. National Science Foundation will allocate $140 million to fund seven new National AI Research Institutes. Additionally, the White House will conduct evaluations of generative AI systems independent from providers while federal agencies will be “leading by example on mitigating AI risks and harnessing AI opportunities.” Biden also met with Alphabet, Anthropic, Microsoft and OpenAI to “emphasize the importance of driving responsible, trustworthy, and ethical innovation with safeguards.”
US Senators Reintroduce COPPA 2.0
U.S. Senators Bill Cassidy and Ed Markey reintroduced the Children and Teens’ Online Privacy Protection Act 2.0, which they said updates online privacy protections for children and teens for the 21st century. The bill prohibits internet companies from collecting personal data of users aged 13-16 without consent, bans targeted advertising to children and teens, covers platforms “reasonably likely to be used” by children, and establishes a “Digital Marketing Bill of Rights for Teens” as well as a Youth Marketing and Privacy Division at the U.S. Federal Trade Commission.
Florida Lawmakers Pass Privacy Bill
Florida lawmakers passed Senate Bill 262, legislation that would give consumers access to information collected about them by companies and the right to have some data deleted. If signed by Gov. Ron DeSantis, it would also require companies to allow consumers to opt out of targeted ads based on non-pseudonymous data but does not require opt-outs for targeted ads based on pseudonymous data. Consumer Reports said the bill applies “to only the very largest tech companies” and would “leave Florida consumers’ personal information unprotected in a wide variety of contexts.”
Texas Legislature Finalizes Comprehensive Privacy Bill
The Texas Legislature signed off on the final text for a proposed comprehensive privacy bill, HB 4, following a resolution struck between chambers in a conference committee. The bill carries unique applicability standards and requires covered entities to honor universal opt-out signals, perform data protection assessments and establish data processing agreements. The law’s effective date is July 1st, 2024. Following approval by the Texas House and Senate, Gov. Greg Abbott, R-Texas, has 10 days upon transmission to act on the bill, with a definitive veto the only way it will not become a law.
US Intelligence Community Presses for FISA Section 702 Reauthorization
Officials from U.S. intelligence agencies backed the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act ahead of a U.S. Senate subcommittee hearing Tuesday. One official characterized a potential lapse or “unusable” modifications to Section 702 as “grave national security risks.” The support for full reauthorization came as 21 advocacy groups joined on a letter urging reform of Section 702. Meanwhile, the Office of the Director of National Intelligence issued a report regarding purchases of commercially available personal information by the U.S. intelligence community.
Nigerian President Approves Data Protection Bill
President Bola Tinubu signed the Nigeria Data Protection Bill, 2023 into law June 14th, ITEdge Nigeria reports. The law creates the Nigeria Data Protection Commission headed by a national commissioner tasked with regulating how entities process personal information. One of the mandates the NDPC is assigned includes facilitating “the development of personal data protection technologies, in accordance with recognized international good practices.”
State Attorneys General Call for Federal AI Regulation
Twenty-three U.S. state attorneys general, including California Attorney General Rob Bonta, wrote the U.S. National Telecommunications and Information Administration urging action on artificial intelligence policies. The attorneys general proposed the NTIA consider “independent standards for AI transparency, testing, assessments, and audits” while allowing states “concurrent enforcement authority” in a federal AI regulatory regime.
Texas’ Comprehensive Privacy Bill Signed Into Law
Governor Greg Abbott, signed HB 4, the Texas Data and Privacy Security Act, into law on June 18th. The majority of the law takes force on July 1st 2024 while provisions for recognition of universal opt-out mechanisms take effect on January 1st, 2025. “Our goal from the onset was to maximize the utility of consumers’ rights and minimize the compliance costs for businesses,” said State Representative Giovanni Capriglione.
US Senator Schumer Introduces SAFE Innovation Framework
U.S. Senator Chuck Schumer is attempting to rally his colleagues around a new initiative. Schumer introduced his base plan for AI regulation that involves a new legislative process for arriving at the strongest and most balanced rules possible. Speaking at the Center for Strategic and International Studies, Schumer unveiled a two-part strategy to move us forward on AI with one part framework, one part process. The former component of the strategy is the “Securities, Accountability, Foundations, Explain and Innovation Framework,” which Schumer characterized in a formal outline as “a policy response that invests in American ingenuity” and “ensures AI is developed and deployed in a responsible and transparent manner.”
New Zealand Privacy Commissioner Asks for Submissions for Draft Data Product Bill
New Zealand Privacy Commissioner Michael Webster is encouraging citizens to weigh in on the draft Data Product Bill, which creates a consumer data right. If passed, the bill would make it easier for individuals to share their information with trusted businesses once the individual has given their explicit consent.