California Remains a Privacy Bellwether
Hello all, and happy Thursday!Read Now
June 22, 2023
Hello all, and happy Thursday!
In case you missed it, last week, the European Parliament’s voted to approve its draft rules for the AI Act. Ever since ChatGPT exploded in popularity at the start of 2023, it seems like we’ve had a story about AI in each newsletter, and for good reason; the overlap between AI and data privacy is massive. AI needs access to data to function, which raises a lot of questions:
It’s fitting, then, that the same region that pioneered data privacy regulation with the GDPR is gearing up to pioneer AI regulation. Nowadays, the impact of the GDPR is felt far and wide, but before 2018, not many could have guessed at the proliferation of data privacy laws across the globe. One has to wonder if within ten years or so, we’ll be contending with multiple AI laws across the globe, each with their own idiosyncrasies.
It’s likely that the act won’t come into force for several years as it is revised and re-revised to contend with the rapid advancements in AI technology. Keeping a close eye on its development will likely bear fruit—not only will AI impact society drastically, but the regulations around AI and AI training data may be equally impactful.
Google parent has advised employees not to enter confidential materials into AI chatbots, including its own Bard chatbot, as well as to not directly use code generated by AI chatbots.
Issues surrounding privacy and children’s data have been at the forefront of recent legislation this year. As federal regulation on these issues stalls, the states are functioning as laboratories for what makes successful legislation in this space.
U.S. Senator Ron Wyden, D-Ore., and Sen. Cynthia Lummis, R-Wyo, have introduced legislation to regulate when and how data brokers can sell U.S. citizens’ data to entities in other nation. The bill also includes new protections against foreign-owned companies like TikTok accessing U.S. data from abroad.
Former head of privacy at Grindr has filed a wrongful termination suit against the LGBTQ+ dating and social networking app, claiming that he was fired after voicing his concerns over a delay in fixing a bug that reset users’ data consent settings and exposed their personal information.
With the European Parliament’s vote to approve its draft rules for the AI Act, many are curious about the specifics of what will likely be the global standard for AI regulation. Though the final rules will likely be vastly different from the current draft rules, there are some themes that will likely persist.
The UK and U.S. have reached to a commitment in principle on a UK-U.S. data bridge, which will protect data transfers between the two countries. Specifically, UK and U.S. stakeholders have agreed to key pillars of the data bridge, how it will interact with other data transfer mechanisms, what technical work still needs to be done, what the timeline for the data bridge looks like, and more.
In a recently filed complaint, the FTC charges that Amazon knowingly duped millions of consumers into enrolling in Amazon Prime through manipulative design practices. Furthermore, Amazon made it intentionally difficult to cancel once subscribed to Prime.
With the CPA going into effect July 1, time is running out to get compliant with Colorado’s new data privacy law. Check out our blog to learn about the major facts of the CPA.
If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you.
Arlo Gilbert is the CEO & co-founder of Osano. An Austin, Texas native, he has been building software companies for more than 25 years in categories including telecom, payments, procurement, and compliance. In 2005 Arlo invented voice commerce, he has testified before congress on technology issues, and is a frequent speaker on data privacy rights.