On December 19, 2023, the Federal Trade Commission (“FTC”) announced that it reached a settlement with Rite Aid Corporation and Rite Aid Headquarters Corporation (collectively, “Rite Aid”) to resolve allegations that the companies violated Section 5 of the FTC Act (as well as a prior settlement with the agency) by failing to implement reasonable procedures to prevent harm to consumers while using facial recognition technology. As part of the settlement, Rite Aid agreed to cease using “Facial Recognition or Analysis Systems” (defined below) for five years and establish a monitoring program to address certain risks if it seeks to use such systems for certain purposes in the future.
Continue Reading Rite Aid Settles FTC Allegations Regarding Use of Facial Recognition TechnologyPrivacy & Data Security
FCC Announces Data Privacy Enforcement Partnership with State Attorneys General
By Yaron Dori on
Last week, Chairwoman Jessica Rosenworcel of the Federal Communications Commission (“FCC”) announced a partnership with four state attorneys general to enhance cooperation between the FCC and the participating states on privacy, data protection, and cybersecurity enforcement.
Continue Reading FCC Announces Data Privacy Enforcement Partnership with State Attorneys GeneralCPPA Releases Draft Automated Decisionmaking Technology Regulations
By Lindsey Tonsager, Libbie Canter & Jayne Ponder on
Posted in Data Privacy, Privacy & Data Security
Ahead of its December 8 board meeting, the California Privacy Protection Agency (CPPA) has issued draft “automated decisionmaking technology” (ADMT) regulations. The CPPA has yet to initiate the formal rulemaking process and has stated that it expects to begin formal rulemaking next year. Accordingly, the draft ADMT regulations are subject to change. Below are the key takeaways:
Continue Reading CPPA Releases Draft Automated Decisionmaking Technology RegulationsBiden Administration Announces Artificial Intelligence Executive Order
Earlier today, the White House issued a Fact Sheet summarizing its Executive Order on a comprehensive strategy to support the development of safe and secure artificial intelligence (“AI”). The Executive Order follows a number of actions by the Biden Administration on AI, including its Blueprint for an AI Bill of Rights and voluntary commitments from certain developers of AI systems. According to the Administration, the Executive Order establishes new AI safety and security standards, protects privacy, advances equity and civil rights, protects workers, consumers, and patients, promotes innovation and competition, and advances American leadership. This blog post summarizes these key components.
Continue Reading Biden Administration Announces Artificial Intelligence Executive OrderU.S. Tech Legislative & Regulatory Update – Third Quarter 2023
This quarterly update summarizes key legislative and regulatory developments in the third quarter of 2023 related to key technologies and related topics, including Artificial Intelligence (“AI”), connected and automated vehicles (“CAVs”), and data privacy and cybersecurity.
Continue Reading U.S. Tech Legislative & Regulatory Update – Third Quarter 2023Comments Due August 31 on FCC’s Proposal to Step Up Review of Foreign Ownership in Telecom Carriers and Establish Cybersecurity Requirements
Updated August 8, 2023. Originally posted May 1, 2023.
Last week, comment deadlines were announced for a Federal Communications Commission (“FCC”) Order and Notice of Proposed Rulemaking (“NPRM”) that could have significant compliance implications for all holders of international Section 214 authority (i.e., authorization to provide telecommunications services from points in the U.S. to points abroad). The rule changes on which the FCC seeks comment are far-reaching and, if adopted as written, could result in significant future compliance burdens, both for entities holding international Section 214 authority, as well as the parties holding ownership interests in these entities. Comments on these rule changes are due Thursday, August 31, with reply comments due October 2.
Continue Reading Comments Due August 31 on FCC’s Proposal to Step Up Review of Foreign Ownership in Telecom Carriers and Establish Cybersecurity RequirementsFCC Chairwoman Rosenworcel Announces Proposed Voluntary Cybersecurity Labeling Program for Smart Devices
By Yaron Dori on
On July 18, 2023, Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel announced that she has circulated a proposal to the FCC’s commissioners to create “a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their Internet-enabled devices.”
Continue Reading FCC Chairwoman Rosenworcel Announces Proposed Voluntary Cybersecurity Labeling Program for Smart DevicesFCC Announces Creation of Privacy and Data Protection Task Force
By Yaron Dori on
Last week, FCC Chairwoman Jessica Rosenworcel announced the creation of a new Privacy and Data Protection Task Force (the “Task Force”) to demonstrate the agency’s commitment to protecting consumer data and ensuring that the telecommunications industry remains secure from threat actors.
The Task Force will be led by Enforcement Bureau Chief Loyaan Egal and include…
Continue Reading FCC Announces Creation of Privacy and Data Protection Task ForceUK ICO Updates Guidance on Artificial Intelligence and Data Protection
On 29 March 2023, the UK Information Commissioner’s Office (“ICO”) published updated Guidance on AI and data protection (the “Guidance”) following “requests from UK industry to clarify requirements for fairness in AI”. AI has been a strategic priority for the ICO for several years. In 2020, the ICO published its first set of guidance on AI (as discussed in our blog post here) which it complemented with supplementary recommendations on Explaining Decisions Made with AI and an AI and Data Protection risk toolkit in 2022. The updated Guidance forms part of the UK’s wider efforts to adopt a “pro-innovation” approach to AI regulation which will require existing regulators to take responsibility for promoting and overseeing responsible AI within their sectors (for further information on the UK Government’s approach to AI regulation, see our blog post here).
The updated Guidance covers the ICO’s view of best practice for data protection-compliant AI, as well as how the ICO interprets data protection law in the context of AI systems that process personal data. The Guidance has been restructured in line with the UK GDPR’s data protection principles, and features new content, including guidance on fairness, transparency, lawfulness and accountability when using AI systems.
Continue Reading UK ICO Updates Guidance on Artificial Intelligence and Data ProtectionCommerce Department Issues First Funding Notice for Wireless Innovation Fund
Today, the National Telecommunications and Information Administration (NTIA) released its first Notice of Funding Opportunity for development of next-generation wireless infrastructure under the new Public Wireless Supply Chain Innovation Fund (“Innovation Fund”). According to NTIA’s announcement, this first tranche of funding will include up to $140.5 million in grants, ranging from $250,000 to $50 million, specifically to support expanded testing and evaluation of the performance, security, or interoperability of open, interoperable (“open-RAN”) wireless networks. Companies (both for- and nonprofit), higher education institutions, industry groups, and consortia of multiple organizations are eligible to apply.
Continue Reading Commerce Department Issues First Funding Notice for Wireless Innovation Fund