And Then There Were Five…

Just last summer, in July of 2021, Colorado joined California and Virginia, and became the third U.S. state with a comprehensive consumer privacy law. The Colorado Privacy Act is set to take effect in July 2023.

Hot on its heels, and within just two months of each other, first Utah in March of 2022, now Connecticut in May of 2022, passed privacy bills which will become effective in 2023.

So far, California remains the only state which allows for a private right of action in connection with its privacy bill. For more information, please see our comparison of the current U.S. state consumer privacy laws below.

For our unofficial redline of the CPRA, click here.

Follow these links for the official text of the CPRA, CPA, CTDPA, UCPA, and VCDPA.

To view and download a PDF version of this chart, click here.

Speaker card for Lily Li, Founder & President of Metaverse Law Corporation. Enter the Metaverse event will take place 2nd-3rd December 2021. Sponsored by: Alien Worlds and Tafi.

Metaverse Law to Speak at TechCircus’ Enter the Metaverse event.

Metaverse law is set to speak at the world’s premier metaverse online event – Enter the Metaverse!

This brand new exciting event will unpack the technologies that underpin the #metaverse, and the myriad of possibilities unlocked. The online event will take place December 2 & 3. Day one will focus on creating the metaverse and day two will look at the impact of the metaverse. Metaverse Law will speak as part of a panel at 6am PST (2:00 pm – 3:00 pm GMT) on December 3. The panel will discuss IP, Licensing and the Legalities of the Metaverse.

Check out the Enter the Metaverse website now to find out more and register https://www.enterthemetaverse.io/

Human hand holding a smartphone. AI machine in the background working on the phone.

Guidance on Artificial Intelligence and Data Protection

Image by geralt from Pixabay.

For many of us, Artificial Intelligence (“AI”) represents innovation, opportunities, and potential value to society.

For data protection professionals, however, AI also represents a range of risks involved in the use of technologies that shift processing of personal data to complex computer systems with often opaque processes and algorithms.

Data protection and information security authorities as well as governmental agencies around the world have been issuing guidelines and practical frameworks to offer guidance in developing AI technologies that will meet the leading data protection standards.

Below, we have compiled a list* of official guidance recently published by authorities around the globe.

Canada:

  • 1/17/2022 – Government of Ontario, “Beta principles for the ethical use of AI and data enhanced technologies in Ontario”
    https://www.ontario.ca/page/beta-principles-ethical-use-ai-and-data-enhanced-technologies-ontario
    The Government of Ontario released six beta principles for the ethical use of AI and data enhanced technologies in Ontario. In particular, the principles set out objectives to align the use of data enhanced technologies within the government processes, programs, and services with ethical considerations being prioritized.

China:

  • 9/26/2021 – Ministry of Science and Technology (“MOST”), New Generation of Artificial Intelligence Ethics Code
    http://www.most.gov.cn/kjbgz/202109/t20210926_177063.html (in Chinese)
    The Code aims to integrate ethics and morals into the full life cycle of AI systems, promote fairness, justice, harmony, and safety, and avoid problems such as prejudice, discrimination, privacy, and information leakage. The Code provides for specific ethical requirements in AI technology design, maintenance, and design.
  • 1/5/2021 – National Information Security Standardisation Technical Committee of China (“TC260”), Cybersecurity practice guide on AI ethical security risk prevention
    https://www.tc260.org.cn/upload/2021-01-05/1609818449720076535.pdf (in Chinese)
    The guide highlights ethical risks associated with AI, and provides basic requirements for AI ethical security risk prevention.

E.U.:

  • European Telecommunication Standards Institute (“ETSI”) Industry Specification Group Securing Artificial Intelligence (“ISG SAI”)
    https://www.etsi.org/committee/1640-sai
    The ISG SAI has published standards to preserve and improve the security of AI. The works focus on using AI to enhance security, mitigating against attacks that leverage AI, and securing AI itself from attack.
  • 4/21/2021 – European Commission, “Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonised Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts”
    https://ec.europa.eu/newsroom/dae/document.cfm?doc_id=75788
    The EU Commission proposed a new AI Regulation – a set of flexible and proportionate rules that will address the specific risks posed by AI systems, intending to set the highest global standard. As an EU regulation, the rules would apply directly across all European Member States. The regulation proposal follows a risk-based approach and calls for the creation of a European enforcement agency.

France:

Germany:

Continue Reading Guidance on Artificial Intelligence and Data Protection
1 2 3