An omnibus federal privacy bill with significant bipartisan support is currently under congressional review and, if enacted, could dramatically increase oversight of how companies use artificial intelligence (“AI”) in their businesses.

This article discusses the bill, which, even if not enacted, provides valuable insights as to potential future regulation of AI.

Continue reading.

There has been a whirlwind of activity over the past year as states enact and implement comprehensive consumer privacy laws. Starting with the passage of the California Consumer Privacy Act (CCPA) in 2018, which became effective in 2020, the US state privacy legal landscape has continued to develop rapidly. New comprehensive privacy frameworks are set

On October 7, 2022, President Biden signed an Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities,1 which is intended to implement U.S. commitments under the Trans-Atlantic Data Privacy Framework (DPF) announced in March 2022. With the new executive order, the Biden administration aims to strengthen the legal foundation for trans-Atlantic

On September 8, 2022, the Federal Trade Commission (FTC) held a virtual public forum on the agency’s release last month of an Advance Notice of Proposed Rulemaking (ANPR) to regulate the protection of consumers’ privacy and data security, which we covered in a prior Legal Update. In addition to allowing the public the opportunity

On August 11, 2022, the Federal Trade Commission (FTC) voted 3-2 on partisan lines to file an Advance Notice of Proposed Rulemaking (ANPR) that would regulate the protection of consumers’ privacy and data security in a rulemaking titled “Trade Regulation Rule on Commercial Surveillance and Data Security.”

The release of this ANPR—in the midst of

On May 19, 2022, the Federal Trade Commission (FTC) unanimously approved a policy statement on education technology (EdTech) and the Children’s Online Privacy Protection Act (COPPA). Characterized as part of a larger effort to “crack down on companies that illegally surveil children learning online,” the policy statement itself merely highlights pre-existing obligations under

Strengthening the nation’s cybersecurity has been a top priority for the Biden administration, as reflected in its collaboration with industry, regulatory actions, and the legislation it has supported in Congress, including the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Executive action has been a key tool in the Biden administration’s cyber policymaking toolkit.

On March 25, 2022, the United States and the European Union jointly announced an “agreement in principle” to a new trans-Atlantic data privacy framework to facilitate the cross-border transfer of personal data (the “Framework”).1 As part of the Framework, the US has made “unprecedented commitments” related to intelligence collection and surveillance practices.2 The

In furtherance of a 2018 request from the Aerospace Industry Association (“AIA”), the Wireless Telecommunications Bureau (“Bureau”) of the US Federal Communications Commission (“FCC”) has resumed its examination as to how best to license unmanned aircraft systems (“UAS”) or drones. On August 20, the Bureau released a Public Notice1 seeking updated public input on

Issued against the backdrop of recent high-profile cyber incidents, President Biden’s Executive Order on Improving the Nation’s Cybersecurity sets forth ambitious initiatives and aggressive timelines for strengthening the cybersecurity of the federal government and the companies with which it does business. Critically, it also seeks to shape cyber practices across the economy more broadly, including