Privacy & Cyber Regulatory Enforcement

NIST Releases Updated Draft Guidelines regarding AI Use in Identity Systems

September 20, 2024 By Seol Namgoong and Kim Peretti

On August 21, 2024, the National Institution of Standards and Technology (“NIST”) released the second draft of its Digital Identity Guidelines, which provides federal agencies with a framework for identity proofing and authentication of external employees, government contractors, and individuals accessing government information systems and services. Building on the first draft of the guidance, the […]

California Joins the Neural Data Bandwagon

September 12, 2024 By Sara Pullen

On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is generated by measuring the activity of a consumer’s central or peripheral nervous system, and that is not inferred from […]

Department of Justice Intervenes in Cybersecurity Qui Tam Action Against Georgia Tech

August 30, 2024 By Kim Peretti, Andrew Liebler and Andrew Rice

On Thursday, August 22, 2024, the United States Department of Justice (“DOJ”) filed a Complaint-In-Intervention in the case of United States of America ex rel. Christopher Craig and Kyle Koza, v. Georgia Tech Research Corp. and Board of Regents of the University System of Georgia (d/b/a the Georgia Institute of Technology) (United States v. Georgia […]

California Passes Generative AI “Training Transparency” Bill

August 30, 2024 By Daniel Felz, Jennifer Everett and Dorian Simmons

On August 27, 2024, the California state legislature passed Assembly Bill 2013 and sent it to Governor Gavin Newsom for signature. If passed, AB 2013 would require companies that make generative AI systems and services publicly available to Californians to post documentation on their website about the data used to train such AI systems and […]