In this article

Sign up for our newsletter

Share this article

Hello all, and happy Thursday!  

With all the buzz about AI, including the EU’s proposed AI Act and President Biden’s recent executive order, I can’t help but recall a similar environment surrounding data privacy at the launch of the GDPR. 

To an extent, governments were a bit behind the eight ball on data privacy—it took scandals, significant societal impact, and public outcry before truly effective data privacy regulation came about in the form of the GDPR. It seems like governments have learned from the experience and are attempting to get ahead of the curve when it comes to AI. 

I know everybody is tired of hearing about it, but AI truly does have the potential to radically change our society, just as the proliferation of personal data processing has. And although it’s certainly smart of governments to be proactive in regulating AI before it potentially wreaks havoc, I think there’s also an element of uncertainty here.

With the GDPR and other data privacy laws, we had the benefit of seeing exactly how wanton personal data processing had affected society. AI technology is still in its infancy—how can we know what effects it will have in the future as it matures, and therefore what form regulation should take? Looking at existing and proposed regulations can give us a clue as to what governments hope and fear for this nascent technology. 




Top Privacy Stories of the Week

Cisco Consumer Privacy Report Weighs in on DSAR Usage, AI 

According to the annual Cisco Consumer Privacy Survey, 2023 saw an increase in the use of data subject access requests, especially for consumers under the age of 45. Additionally, 60% of respondents say that the current use of AI by organizations has eroded trust, and a little over half said they were willing to share anonymized data with AI systems. 

Read more 

White House Tackles Artificial Intelligence with New Executive Order 

President Biden recently released a sweeping executive order that regulates AI technologies. Under the order, developers of AI systems will need to share the results of their safety tests with the federal government before they are released to the public. If developing AI models that pose national security, economic, or health risks, companies will be required to notify the federal government under the Defense Production Act. 

Read more 

CNIL Fines a TV Service Provider 600,000 Euros for DSAR Failures 

French data protection authorities fined a TV service provider for failing to follow proper DSAR processes, among other violations. Requests were misled and late, and some requests had been processed without notifying the data subject. The fine exemplifies how non-automated DSAR workflows can cause noncompliance. 

Read more 

ODPA Publish Latest Personal Data Breach Statistics 

Germany's Office of the Data Protection Authority (ODPA) has published a report with some interesting statistics on data breaches. 38 personal data breaches were reported to the ODPA between the beginning of July to the end of September 2023 with 46 underlying causes. These affected 77,321 people. The unusually high number of people affected is largely down to one particular self-reported breach involving the sending of an email to an incorrect recipient which contained a significant volume of personal data. 

Read more 

FTC Amends Safeguards Rule to Require Financial Institutions to Report Data Security Breaches 

Currently, the FTC’s Safeguards Rule requires certain types of non-banking financial institutions to establish comprehensive security programs to keep their customers’ information safe. The amendment will additionally require these institutions to notify the FTC as soon as possible, and no later than 30 days after discovery of certain security breaches. 

Read more 

Facebook and Instagram Launch a Paid Ad-free Subscription 

After initially floating the idea, Meta is launching a paid subscription that will remove ads from Facebook and Instagram in Europe as a move to address concerns by the European Union about Meta’s ad targeting and data collection practices. The service is available throughout the European Union and will be offered for around €9.99 per month on the web or €12.99/month on iOS and Android. 

Read more 

29 Countries Reach Agreement on AI Risks and Opportunities 

29 nations, including the U.S., the UK, the EU, and China have recently reached a ground-breaking agreement, known as the Bletchley Declaration. The Declaration sets forth a shared understanding of the opportunities and risks posed by AI and the need for governments to work together to meet the most significant challenges posed by the technology. 

Read more 

Osano Blog: Tennessee Information Protection Act (TIPA): What to Know 

Tennessee has joined the ranks of 12 other states and established a comprehensive data privacy law. Check out our blog to learn all you need to know about the TIPA. 

Read more 

If you’re interested in working at Osano, check out our Careers page

Schedule a demo of Osano today
Share this article