Data Privacy Highlights: May 29
Jodi Daniels
Practical Privacy Advisor / Fractional Privacy Officer / WSJ Best Selling Author / Keynote Speaker
This Week in Data Privacy, we're covering a variety of topics, including...
?? Evolving COPPA: Expanding Protections for Teens?
?? What You Need to Know About the Colorado AI Act
???? California Judge Dismisses Consumer-Privacy Lawsuit Against OpenAI and Microsoft
?? Minnesota Passes Consumer Data Privacy Law
?? NYDFS Issues Cybersecurity Compliance Template for Small Businesses
?? FCC Proposes AI Disclosure in Political Ads
?? Strategies for Minimizing Risks in Vendor Relationships
?? How marketers are adapting to the new realities of data privacy
and...
?? Privacy and Security Defenses for Cloud Software w/ Michael Moore
———
Evolving COPPA: Expanding Protections for Teens
For over 25 years, the Children’s Online Privacy Protection Act (COPPA) has safeguarded U.S. children's data. Despite updates, gaps remain. The FTC proposes COPPA Rule updates, and policymakers like Sen. Ed Markey push for COPPA 2.0 to extend protections to teens. This includes teens' consent for data collection, banning targeted ads, and introducing an "eraser button" for data deletion. Meanwhile, the American Privacy Rights Act (APRA) adds complexity with differing protections.
Read the full article?here .?
What You Need to Know About the Colorado AI Act
This month, Colorado enacted several new privacy and AI laws, including the pioneering Colorado AI Act, a first-of-its-kind cross-sectoral AI governance law covering the public sector. Signed by Gov. Jared Polis, the Act's key provisions take effect in February 2026, though revisions are anticipated. This law addresses high-risk AI systems, focusing on automated decision-making and algorithmic discrimination, and imposes duties on developers and deployers to ensure transparency and accountability. Violations could result in significant penalties, marking a significant step forward in consumer protection.
Read the full article?here .?
California Judge Dismisses Consumer-Privacy Lawsuit Against OpenAI and Microsoft
A California federal judge dismissed a class-action lawsuit alleging OpenAI and Microsoft used stolen personal data to train AI systems like ChatGPT. Judge Chhabria cited the complaint's excessive length and irrelevant content, urging plaintiffs to file an amended version. The plaintiffs' attorney plans to amend concisely. OpenAI and Microsoft haven't commented. The case highlights ongoing concerns over AI and data usage, with other copyright owners also suing tech giants. While acknowledging societal concerns, the judge emphasized the need for legal precision. Stay tuned for updates on this evolving legal landscape.
Read the full article?here .
Minnesota Passes Consumer Data Privacy Law
On May 19, 2024, Minnesota passed the MCDPA, set to be law by July 31, 2025. Apply if you've handled data from over 100,000 Minnesota consumers or 25,000 with 25% revenue from data sales. Exemptions include certain entities like financial institutions. Controllers must ensure data minimization, security, and provide clear privacy notices. Consumers gain rights like data access, correction, deletion, and opt-outs. Sensitive data includes health, biometric, and child info.?
Read the full article?here .
领英推荐
NYDFS Issues Cybersecurity Compliance Template for Small Businesses
The New York State Department of Financial Services (NYDFS) released a compliance template to help small businesses adhere to its cybersecurity regulations. Initially set in 2017 and amended in 2023, these rules mandate financial institutions to enhance risk assessments and governance. The template guides businesses in creating cybersecurity programs, conducting risk assessments, managing third-party provider security, and complying with reporting obligations. It targets entities with fewer than 20 employees or independent contractors, less than $7.5 million in New York revenue, or under $15 million in total assets.
Read the full article?here .
FCC Proposes AI Disclosure in Political Ads
FCC Chair Jessica Rosenworcel seeks to mandate disclosure of AI-generated content in political ads on radio and TV, addressing concerns of misleading information ahead of elections. The proposed rule covers candidate and issue advertisements, requiring both on-air and written disclosures. While the FCC lacks authority over internet and social media ads, it aims to combat deceptive AI use in political communications. The move follows previous actions against misleading AI in robocalls. With AI's increasing role in political messaging, transparency becomes crucial for informed decision-making. Stay informed about evolving regulations shaping political advertising. Read the full article?here .?
Strategies for Minimizing Risks in Vendor Relationships
In today’s data-driven world, managing vendor relationships is crucial for safeguarding company and consumer data. Here are five key strategies to minimize risks:
Establish Internal Data Governance
Identify Potential Vendor Risks
Assess Vendor Risk Levels
Mitigate Vendor Risk
Plan for Off-boarding
By following these steps, businesses can effectively manage vendor risks and protect their valuable data. Read the full article?here .
How Marketers are Adapting to New Data Privacy Realities
As of May 2024, 17 U.S. states have enacted data privacy laws, creating a fragmented regulatory landscape for marketers. With California’s CCPA in its fourth year and more states following suit, the risk of fines has escalated, making data privacy a top trend. Marketers now prioritize transparency, compliance, and ethical data practices, elevating privacy experts to key roles. Emphasizing trust and privacy, they partner with reliable data providers and adopt clear disclosure policies. This proactive approach not only mitigates risks but also strengthens consumer trust in an evolving data-driven market.
Privacy and Security Defenses for Cloud Software w/ Michael Moore
In this episode of the She Said Privacy/He Said Security Podcast, Jodi and Justin Daniels are joined by Michael Moore , the Chief Privacy Officer at Lacework , to discuss security and privacy for the cloud. They discuss the modern concerns, how Lacework helps companies, the increasing threats companies face, and Michael’s personal privacy tips for anyone and everyone.
Here’s a glimpse of what you’ll learn:
Listen to the full podcast?here .?
Award Winning Global Privacy Expert, Speaker & Media Commentator | Bestselling Author, Podcast Host & Career Coach | I Help Mid Career Professionals Become Confident, Capable & Credible World-Class Privacy Experts
5 个月It's encouraging to see steps such as the evolving COPPA and new state laws being taken.?It's evident that more comprehensive measures are being implemented, which is a positive sign for us all.? How do you think we as individuals and businesses can proactively contribute to enhancing data privacy for our youth?
I save companies from evil cyber villains | Bridging humanity and technology | The hype person YOU need in your life | High ENERGY speaker!!!
5 个月Jodi!!! I FREAKING LOVE this post!!!!!!!!! Your ability to simplify complex concepts is an absolute game-changer!!!!!!! Your dedication to sharing knowledge and empowering others is truly inspiring!!!!!!!!!