In this article

Sign up for our newsletter

Share this article

Hello all, and happy Thursday!  

In case you missed it, last week, the European Parliament’s voted to approve its draft rules for the AI Act. Ever since ChatGPT exploded in popularity at the start of 2023, it seems like we’ve had a story about AI in each newsletter, and for good reason; the overlap between AI and data privacy is massive. AI needs access to data to function, which raises a lot of questions: 

  • Where does that data come from, and who owns it?  
  • If we exclude personal information entirely from AI training sets, can AI still be useful?  
  • Is there an approach to anonymize training data and still retain its utility? 

It’s fitting, then, that the same region that pioneered data privacy regulation with the GDPR is gearing up to pioneer AI regulation. Nowadays, the impact of the GDPR is felt far and wide, but before 2018, not many could have guessed at the proliferation of data privacy laws across the globe. One has to wonder if within ten years or so, we’ll be contending with multiple AI laws across the globe, each with their own idiosyncrasies. 

It’s likely that the act won’t come into force for several years as it is revised and re-revised to contend with the rapid advancements in AI technology. Keeping a close eye on its development will likely bear fruit—not only will AI impact society drastically, but the regulations around AI and AI training data may be equally impactful. 




Top Privacy Stories of the Week


Google, One of AI’s Biggest Backers, Warns Own Staff About Chatbots 

Google parent has advised employees not to enter confidential materials into AI chatbots, including its own Bard chatbot, as well as to not directly use code generated by AI chatbots.  

Read more 

Privacy and Kids’ Safety Are Dominating State Tech Rules in 2023 

Issues surrounding privacy and children’s data have been at the forefront of recent legislation this year. As federal regulation on these issues stalls, the states are functioning as laboratories for what makes successful legislation in this space. 

Read more 

U.S. House and Senate Members Introduce Bipartisan Legislation Regulating International Data Brokers 

U.S. Senator Ron Wyden, D-Ore., and Sen. Cynthia Lummis, R-Wyo, have introduced legislation to regulate when and how data brokers can sell U.S. citizens’ data to entities in other nation. The bill also includes new protections against foreign-owned companies like TikTok accessing U.S. data from abroad. 

Read more 

Grindr's Ex-Privacy Chief Accuses Company of Prioritizing "Profit Over Privacy" in Wrongful Termination Suit 

Former head of privacy at Grindr has filed a wrongful termination suit against the LGBTQ+ dating and social networking app, claiming that he was fired after voicing his concerns over a delay in fixing a bug that reset users’ data consent settings and exposed their personal information. 

Read more 

Five Big Takeaways From Europe’s AI Act 

With the European Parliament’s vote to approve its draft rules for the AI Act, many are curious about the specifics of what will likely be the global standard for AI regulation. Though the final rules will likely be vastly different from the current draft rules, there are some themes that will likely persist. 

Read more 

UK Government Commits to the Establishment of the UK-U.S. Data Bridge 

The UK and U.S. have reached to a commitment in principle on a UK-U.S. data bridge, which will protect data transfers between the two countries. Specifically, UK and U.S. stakeholders have agreed to key pillars of the data bridge, how it will interact with other data transfer mechanisms, what technical work still needs to be done, what the timeline for the data bridge looks like, and more. 

Read more 

FTC Takes Action Against Amazon for Enrolling Consumers in Prime Without Consent and Sabotaging Their Attempts to Cancel 

In a recently filed complaint, the FTC charges that Amazon knowingly duped millions of consumers into enrolling in Amazon Prime through manipulative design practices. Furthermore, Amazon made it intentionally difficult to cancel once subscribed to Prime. 

Read more 

Osano Blog: The Colorado Privacy Act (CPA): Requirements, Enforcement, and More 

With the CPA going into effect July 1, time is running out to get compliant with Colorado’s new data privacy law. Check out our blog to learn about the major facts of the CPA. 

If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you. 

Schedule a demo of Osano today
Share this article