Search results

[…] 5.  The newly narrowed right to access now prohibits controllers from disclosing certain types of highly-sensitive information, such as social security numbers. The consumer right to access one’s personal data carries a tension between the ability to access the specific data that an entity has collected concerning oneself and the risk that one’s data, […]

The 2006 release by AOL of search queries linked to individual users and the re-identification of some of those users is one of the best known privacy disasters in internet history. Less well known is that AOL had released the data to meet intense demand from academic researchers who saw this valuable data set as […]

[…] in the context of regulatory sandboxes or certified under cybersecurity schemes may benefit from a presumption of conformity with certain AIA requirements. The CA is not a one-off exercise. Compliance must be maintained throughout the AI system’s lifecycle. Providers must ensure ongoing compliance by establishing a monitoring system that enables them to verify that […]

[…] Trustworthiness (AI Framework Act or Act).  The AI Framework Act was officially promulgated on 21 January 2025 and will take effect on 22 January 2026, following a one-year transition period to prepare for compliance. During this period, MSIT will assist with the issuance of Presidential Decrees and other sub-regulations and guidelines to clarify implementation […]

[…] parental consent to process child data. Operators must obtain either verifiable parental consent or consent from a teen to process teen data, unless the processing is for one of seven permitted purposes, such as conducting internal business operations or preventing security incidents.   Finally, Arkansas COPPA 2.0 limits retention of child or teen data to […]

[…] As part of AIPA, Utah established a regulatory sandbox program and created the Office of Artificial Intelligence Policy to oversee AI governance and innovation in the state. One of the AI Office’s early priorities has been assessing the role of AI-driven mental health chatbots in licensed medical practice. To address concerns surrounding these chatbots, […]

[…] utilizing the data they steward, a gap persists in applying these technologies and realizing their potential benefits.” Key findings outlined in the report include: PETs are not one-size-fits-all solutions but are evolving tools aimed at enabling the sustainable utility of data without sacrificing confidentiality or security.  There is a significant gap in technical knowledge […]

[…] of organizations that make data available for researchers. It  provides information about the company, the data, any access restrictions, and relevant links: Data Sharing for Research Tracker One of the most difficult, time-consuming, and expensive parts of the research process is collecting data, but using existing data can help researchers mitigate the time and […]

[…] rights: the LPPD expands regulation on previously recognized rights of access, rectification, suppression, and opposition, and adds new rights to portability and to block the processing of one’s data;  Additional lawful grounds for processing: the law introduces new legitimate bases for processing data as exceptions or alternatives to consent;  New obligations to controllers and […]

Most countries in the world have data protection or privacy laws and there is growing cross-border enforcement cooperation between data protection authorities, which might lead one to believe that the protection of global data flows and transfers is steadily advancing. However, instability and risks arising from wars, trade disputes, and the weakening of the […]