Search results

[…] Frameworks and Ensuring Compliance STAGE 2 Organizations need to understand existing laws in order to maintain legal compliance. Collecting, using, or transferring body-related data may implicate a number of issues under current U.S. privacy law. However, most existing regulations were not drafted with immersive technologies in mind. It can therefore sometimes be unclear how […]

[…] federal privacy legislation once again languishing in Congress, state-level activity on privacy dramatically accelerated in 2023. As the dust from this year settles, we find that the number of states with ‘comprehensive’ commercial privacy laws swelled from five to twelve (or, arguably, thirteen), a new family of health-specific privacy laws emerged in Democratic-led states […]

[…] Project-Related Publications Received “Best Student Paper” Awards This Year In addition to building the eponymous online tool, the PrivaSeer project grant has supported the publication of a number of papers by researchers involved in the privacy field. First, an effort to systematically identify and discuss issues within the privacy research community titled “Researchers’ Experiences […]

[…] of guidance and standards for AI auditing, generative AI authentication, and privacy-enhancing technologies (PETs).  Similarly, of the state EOs, California is the most prescriptive and includes a number of specific mandates and reports tailored to different agencies, such as the creation of procurement guidelines, assessments on the effect of generative AI on infrastructure, and […]

[…] towards children. Not all of these measures may immediately apply to all industry stakeholders. For instance, enhanced transparency requirements may be more applicable to certain onl ine service providers and application developers than to other data fiduciaries and in any case, must be grounded in the notice obligations under the DPDPA. In fact, most […]

[…] is required to undergo a third-party conformity assessment pursuant to that legislation * Irrespective of whether an AI system is placed on the market or put into service independently from the product. A product covered by the Union harmonization legislation listed in Annex II The product is required to undergo a third-party conformity assessment […]

[…] YES Q2 Is it a ‘high-risk’AI system? YES Q3 Am I the provider? YES NO Material scope: Art 2 Is it an ‘AI system’ as per Art 3(1)? See Table 1 Classification of High-risk AI systems under the AIA AI systems that are safety components of products  or are themselves products that fall under Annex II AI Systems that belong to the use cases of Annex III  + (EC) the output of the system is not  purely accessory & is likely to lead to significant  risks / (EP) significant risk of harm. NO Article 3(e) product manufacturer / distributor / importer /  user / third-party responsible to perform the CA Step 2 When to perform a CA? EX ANTE Before placing the AI system on the EU market or putting it into service (definitions in Art 3(9,11)) EX POST IF Afer placing the AI system on the EU market or putting it into service: Substantial modification to the AI system• NEW AI system • NEW CA required IF reasons of public security or the protection of life and health of  persons, environmental protection, and the protection of key industrial  and infrastructural assets  high-risk AI system placed on the market without a prior CA. (Art 47) Continued overleaf AI system that continues to learn +  pre-determined changes documented  in the initial CA no new CA required. 1200 Abernathy Rd NE, Building 600 | Atlanta, Georgia | United States | 30328 Atlanta | London | Bangalore | Melbourne | Denver| Seattle | San Francisco | New York | São Paulo | Munich | Paris | Hong Kong | Bangkok As society redefines risk and opportunity, OneTrust empowers tomorrow’s leaders to succeed through trust and impact with the Trust Intelligence Platform. The market-defining Trust  Intelligence Platform from OneTrust connects privacy, GRC, ethics, and ESG teams, data, and processes, so all companies can collaborate seamlessly and put trust at the center of their  operations and culture by unlocking their value and potential to thrive by doing what’s good for people and the planet. Copyright © 2023 Future of Privacy Forum and OneTrust LLC.   Please contact Future of Privacy Forum or OneTrust for questions about commercial use of this publication. Step 3 What body is conducting the CA? INTERNAL CA THIRD-PARTY CA […]

[…] children’s privacy settings and exercise privacy rights.  5. Set account settings as “privacy friendly” by default.  6. Limit advertising to children. 7. Maintain the functionality of a service at all times, considering the best interests of children. 8. Adopt policies to limit the collection and sharing of children’s data.  9. Consider all risks of […]

[…] others are still being reviewed by the FTC. The idea of age assurance, on the other hand, is relatively new in the U.S., and there are a number of actors considering the possibility of deploying age assurance methods in the states. Key considerations for exploring the use of age assurance technology in the U.S. […]

[…] to encourage submission of PI •Louisiana (HB 61)•Prohibits online services from allowing U18s to sign up for accounts without parental consent; •Allows parents to cancel the terms-of- service contracts their children signed for existing accounts; •Gives parents the ability to monitor their children’s accounts; •Companies must prohibit adults from messaging minors with whom they […]