On March 8, 2024, the California Privacy Protection Agency (“CPPA”) Board voted to advance to formal rulemaking proposed regulations under the California Consumer Privacy Act, as amended, regarding risk assessments, automated decisionmaking technology, and certain updates to existing regulations. The formal rulemaking action will begin when the CPPA publishes a proposed action in the California […]
Artificial Intelligence
NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing
On January 17, 2024, the New York State Department of Financial Services (“NYDFS”) issued a proposed circular letter for comment regarding the “Use of Artificial Intelligence Systems and External Consumer Data and Information Sources in Insurance Underwriting and Pricing” (the “Circular Letter”). The Circular Letter details NYDFS’ expectations and guidelines for the use of artificial […]
National Cyber Security Centre Forecasts Upcoming Cyber Threats with AI Use for Attacks
On January 24, 2024, the U.K.’s National Cyber Security Centre (NCSC) released a new report, The near-term impact of AI on the cyber threat, detailing how Artificial Intelligence (AI) will impact the effectiveness of cyber operations for 2025 and beyond. According to the report, threat actors are already using AI in cyber attacks and the […]
Making (Brain) Waves: New Colorado Legislation Poised to Protect Privacy of Neural Data
Neurotechnology, like wearable EEG headbands and invasive brain implants, collects information from electrical nerve impulses and brain waves derived from your brain, spinal cord, or nervous system. This information, or neurodata, is valuable, unique, potentially individually identifiable, and has the potential to provide access to a person’s memories, biases, and intentions. (For more information, see […]
EU’s Highest Court Issues Major AI Decision With Wide-Reaching Impact
On 7 December 2023, the Court of Justice of the European Union (CJEU) issued an important decision on how the GDPR governs AI-assisted decisions. The case arose in the financial services context, with the court holding that the GDPR’s AI rules apply when banks use credit scores to make consumer credit decisions. But, the decision […]