Latest Posts
Search for:
Author

Helena Engfeldt

Browsing
In California Privacy Law

Off to the Races: California Advances CCPA Regulations on Cyber, Risk & AI

by , , , and 4 Mins Read

On Friday, November 8, 2024, the California Privacy Protection Agency board voted 4-1 to commence the formal rulemaking process for the draft regulations on Automated Decisionmaking Technology (ADMT), Risk Assessments, Cybersecurity Audits, and Insurance Companies. The formal rulemaking process will begin with a 45-day public comment period. During this time, CPPA staff will gather and analyze public comments, which will inform potential amendments and revisions to the regulations. The period will likely be extended to…

In Artificial Intelligence

The Legal Playbook for AI in HR: Five Practical Steps to Help Mitigate Your Risk

by , , and 7 Mins Read

By and large, HR departments are proving to be ground zero for enterprise adoption of artificial intelligence technologies. AI can be used to collect and analyze applicant data, productivity, performance, engagement, and risk to company resources. However, with the recent explosion of attention on AI and the avalanche of new AI technologies, the use of AI is garnering more attention and scrutiny from regulators, and in some cases, employees. At the same time, organizations are…

In California Privacy Law

Dark Pattern Prohibitions the Subject of New Enforcement Advisory in California

by and 2 Mins Read

The California Privacy Protection Agency has issued an Enforcement Advisory on the topic of dark patterns. The California Consumer Privacy Act uses the term “dark patterns” to refer generally to user interfaces that subvert or impair consumers’ autonomy, decisionmaking, or choice when asserting their privacy rights or consenting to personal information processing activities. For example, when businesses provide choices to consumers, such as via cookie banners or in privacy preference centers, choices must be clear…

In Advertising & Marketing

Compliance Essentials for Organizing Legal Giveaways, Sweepstakes, and Contests in the U.S.

by , , , and 6 Mins Read

Organizing a giveaway, sweepstakes, contest, or similar promotional event can be an effective way for companies to engage with their audience and boost brand visibility. But navigating the complex legal landscape surrounding these types of promotions in the U.S. and around the world is crucial to avoid potential pitfalls. From ensuring compliance with federal and state regulations to avoiding accusations of illegal gambling, there are numerous considerations that businesses must address to conduct a successful…

In California Privacy Law

The Nuts and Bolts of the proposed California Safe and Secure Innovation for Frontier Artificial Intelligence Models Act

by and 5 Mins Read

If passed, SB-1047, the California Safe and Secure Innovation for Frontier Artificial Intelligence Model Act, would introduce product safety, documentation and reporting obligations on developers of AI systems. Currently awaiting passage in the state Assembly, the bill would be a landmark regulation for the burgeoning AI industry. The law as currently written would mainly target larger AI projects developed by companies with extensive resources, rather than smaller startups. However, operators of data centers would also…

In California Privacy Law

Amendments to California’s CMIA Bring Health Data New Requirements

by , and 4 Mins Read

In Brief Various players in the health care industry are or will soon be subject to new requirements relating to sexual and reproductive health data under a pair of bills passed last year amending the California Confidentiality of Medical Information Act (the “CMIA”). Many of the central provisions of bills AB 254 and AB 352, which were both signed into law by Governor Gavin Newsom in September 2023, came into effect on January 1, 2024.…

In Data Privacy

Data minimization: An increasingly global concept

by and 8 Mins Read

Copyright 2024 International Association of Privacy Professionals. Data minimization: An increasingly global concept. Data minimization requirements are not new but they are becoming more common, and enforcement is on the rise. “Legal basis” requirements for data processing, justifying data processing activities and transfers, and adhering to data minimization principles began hitting organizations’ radars with the EU General Data Protection Regulation. In response to the GDPR, many multinationals are differentiating regionally, or by jurisdiction, how they…

In Data Privacy

Kentucky is Off to the Races: Bluegrass state is 15th to Pass Comprehensive Privacy Law

by , , , , and 8 Mins Read

On April 4, 2024, the Kentucky Governor Andy Brashear signed HB 15, enacting the Kentucky Consumer Data Protection Act (“KCDPA” or the “Act”), to make Kentucky the 15th US state to adopt a comprehensive privacy law. Kentucky joins New Hampshire and New Jersey in a trifecta of states that have enacted privacy legislation in the opening months of 2024. In the days since the KCDPA’s signing, the consumer privacy stakes have been raised, with the…

In California Privacy Law

California moves to disable vehicular data access used in domestic abuse

by and 2 Mins Read

Background On February 28, 2024, California State Senator Dave Min proposed Senate Bill (SB) 1394, a new measure aimed at preventing vehicular data from being used to perpetuate domestic violence. Under the proposal, automobile manufacturers would be required to disable access to remote vehicle technologies upon the request of a victim of domestic violence. The bill arrives amid increasing reports of incidents of domestic abusers exploiting vehicular location tracking features to stalk and harass victims…

In Data Privacy

Living Free from the Sale of Personal Data: New Hampshire is the 14th US State to Pass Comprehensive Privacy Law

by , , , , , and 7 Mins Read

On January 18, 2024, the New Hampshire legislature passed SB255, making the Granite State the 14th US state to pass a consumer privacy law—and the second state to do so in January. Following enrolment—a formality to excise clerical errors—the bill will move to Governor Chris Sununu’s desk for final enactment. If it becomes law, SB255 will go into effect on January 1, 2025, giving businesses less than one year to ensure compliance with the new…

Load More