What are the top 5 data privacy concerns for my clients the past couple of months?
Here are some notes I recently compiled for a meeting of Fox Rothschild’s national Privacy Law Practice Group.
Patchwork Paralysis
- How do you address the new laws popping up in Kentucky, Maryland, and Vermont?
- How do you get ready for private right of action in Vermont?
- What are state regulators thinking? Are they looking to each other for enforcement examples? Regulations? Are they considering complaints made by competitors? (Per a recent update at the IAPP Global Privacy Summit, the answers are: “Yes”, “Yes” and “Yes.”)
Federal Privacy Law?
- What should we know about the APRA?
- Is it likely to pass? (State AGs are voting: Floor not ceiling.)
Children’s Information
- New lawsuits are putting edtech companies on notice
- States, including Maryland and Vermont, are passing age appropriate design codes with many new obligations.
- New obligations for under 18’s (not just under 16’s as before)
Health information
- The FTC has been hard at work with two new enforcements.
- The OCR is also not resting with its guidance that applies to online trackers.
AI
- FTC says no carve out for AI.
- Colorado passed the Colorado Artificial Intelligence Act, with a lot of obligations and a focus on algorithmic bias.
- The OMB passes details memo with obligations for state agencies and government contractors.
- Illinois proposes amendment re: employee profiling using AI.