As the federal government continues to wrestle with the complex issue of regulating Artificial Intelligence (AI) in the wake of the release of President Biden’s Executive Order, states have already proposed or enacted AI regulation, and even more will attempt to tackle the issue in 2024. Two recent developments in AI regulation from California
EU Seeks Input on Proposed Digital Product Passport Framework
On March 30, 2022, the European Commission (EC) unveiled a proposal for a framework eco-design regulation aimed at creating a policy framework for sustainable products. Among the tools proposed by the EC is the EU Digital Product Passport (DPP), a product-specific data set that would apply nearly to all non-food products sold in the EU…
EU Cyber Resilience Act: Cybersecurity Obligations for Connectable Hardware and Software Products Including IoT
The Internet of Things (IoT) segment has grown, and with it have come many examples of vulnerable products, from babycams whose feeds could be viewed by strangers online to hackable implantable cardiac devices. There are also infamous examples of botnets (i.e., clusters of hacked devices) featuring millions of IoT devices with one common trait: weak…
Is a Privacy Shield Replacement on the Horizon?
After the EU-U.S. Privacy Shield was rendered invalid by the Court of Justice of the European Union (CJEU) in July 2020, and following a prior challenge to the U.S.-EU Safe Harbor, many businesses operating on both sides of the pond scrambled to find other ways to protect data flows between the EU and U.S. that…
EU Adopts New Standard Contractual Clauses For Transfers of Personal Data
On June 4, 2021, the European Commission adopted a new set of standard contractual clauses (SCCs) governing exchanges of personal data between data controllers and data processors and transfers of personal data from the EU to the U.S. or other countries that are not deemed to ensure adequate protection for personal data. The revised SCCs…
Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed
The European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S.…
GDPR Publication Starts Countdown to May 2018 Compliance Date for New Privacy Rules
The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This…
Obama Signs Judicial Redress Act—Will It Move EU–U.S. Privacy Shield Forward?
President Barack Obama signed the Judicial Redress Act on Wednesday, February 24, 2016, which will eventually enable European Union citizens to seek remedies for alleged privacy violations by the federal government in U.S. courts. The Act gives the U.S. Department of…
Agreement Reached on Landmark EU Data Protection Reform
On December 15, 2015, the European Commission announced that an agreement has been reached with the European Parliament and the Council (the “trilogue” meetings) regarding the Commission’s sweeping 2012 EU Data Protection Reform proposal. The reform package, which consists of a General Data Protection Regulation and a Data Protection Directive for Police and Criminal…
Life After the U.S.–EU Safe Harbor
We’ve written about the ground-breaking and panic-inducing ruling of the European Court of Justice (ECJ) invalidating the U.S.–EU Safe Harbor framework as an adequate data transfer mechanism, and ruling that national authorities are not bound by Commission approvals. Click here for our September 23, 2015 blog post, and here for a related October 16, 2015…