Search results

[…] July 1, 2024.  The Colorado AG’s office closed applications for UOOM tools on November 6, 2023. After a public comment period, the Colorado AG announced that only one tool – the Global Privacy Control (GPC) – would be acknowledged on the exclusive public list of acceptable UOOMs in Colorado. The recognition of the GPC […]

[…] In this blog we highlight eight unique, ambiguous, or otherwise notable provisions that set S332 apart in the U.S. privacy landscape. 1. Private Right of Action Confusion One ongoing controversy regarding S332 is whether the law could provide the basis for a private right of action. S332 specifies that the New Jersey Attorney General […]

[…] reasons – like when you use social media, shop online, redeem digital coupons at the store, or browse the internet.  Sometimes, information is collected about you by one company and then shared or sold to another. While data collection can benefit both you and businesses – like connecting with friends, getting directions, or sales […]

[…] Framework (AI RMF). Developed under the aegis of the Singapore–U.S. Partnership for Growth and Innovation, the Crosswalk is a mapping document that guides users on how adopting one framework can be used to meet the criteria of the other. Similar to other crosswalk initiatives that NIST has done with other leading AI frameworks (such […]

[…] Trade Commission (“FTC”) have made clear that they are working together to ensure organizations protect sensitive health information. In particular, failure to establish proper agreements or safeguards between covered entities and AI vendors can constitute a violation of the HIPAA Privacy Rule when patient health information is shared without patient consent for purposes other […]

[…] Trade Commission (“FTC”) have made clear that they are working together to ensure organizations protect sensitive health information. In particular, failure to establish proper agreements or safeguards between covered entities and AI vendors can constitute a violation of the HIPAA Privacy Rule when patient health information is shared without patient consent for purposes other […]

[…] graduates who identify as LGBTQ+, to gather firsthand accounts of how student monitoring impacted their feelings of privacy and safety at school. Over the summer, we published one of our popular infographics examining age assurance technologies. The infographic’s authors unpacked the risks and potential harms associated with attempting to discern someone’s age online and […]

[…] e-Safety Commissioner Several participants found deficits in the length and scope of the public consultation available throughout the process Participants identified several potential benefits of an industry code beyond its intended scope Participants broadly opposed any approach that would require otherwise encrypted messaging services to utilize content hashing and/or client-side scanning  Many participants discussed […]

[…] and storage Purpose specification and limitation Third party management Meaningful notice and consent Data integrity User controls Privacy-enhancing technologies (PETs) 2. Evaluate best practices in regard to one another, as part of a coherent strategy. 3. Assess best practices on an ongoing basis to ensure they remain effective. fpf body related data risk framework […]

[…] the year that the public first experiences widespread enforcement of their new privacy rights? One structural reason for a lack of visible enforcement actions may be that Virginia, Colorado, Connecticut, and until recently, California all provide the ability for businesses to ‘cure’ many or all alleged violations of their privacy laws before a formal […]