Class action lawsuits surrounding cybersecurity breaches have risen significantly in recent years and 2024 was no exception, lawyers said during a Practising Law Institute event Thursday. Speakers discussed trends from 2024 concerning litigation about data privacy, cybersecurity breaches and the Telephone Consumer Privacy Act.
Privacy compliance is a good starting point for navigating risks and worries associated with future AI technology, said Matt Kelly, CEO of Radical Compliance, in a Navex blog Tuesday. “Privacy issues are inseparable from AI risks."
There are grounds for "intense" collaboration among authorities responsible for enforcing EU digital laws such as the General Data Protection Regulation (GDPR) and AI Act (AIA), privacy lawyer Petruta Pirvan said during a Sypher webinar Wednesday in Bucharest, Romania. Especially in the context of AI systems that process personal data, logic is strong for regulators cooperating, said Pirvan, a member of the European Commission's GPAI code of practice working group.
In addition to an increase in privacy laws, 2025 is expected to bring an escalation of privacy and data protection claims under old laws, said International Association of Privacy Professionals (IAPP) members on a webinar Wednesday.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
The FTC’s new requirement that companies obtain separate parental consent when collecting children’s data for nonessential business purposes is a key change compliance professionals should fully understand, attorneys said Tuesday.
Almost all comprehensive state privacy laws include enforcement language against AI-related discrimination, so additional efforts to regulate automated decisions could be redundant, Minnesota Rep. Steve Elkins (D) told Privacy Daily in a recent interview.
Digital ministers from the Association of Southeast Asian Nations (ASEAN) unveiled three privacy guides this week that detail new policies and clarify existing regulations. Singapore's Personal Data Protection Commission announced their release Friday.
The European Parliament Civil Liberties Committee Thursday named Bruno Gencarelli as European data protection supervisor (EDPS) for 2025-2030. Gencarelli, currently European Commission head of international data flows and protections, beat three other candidates in a secret ballot, including current EDPS Wojciech Wiewiorowski. Once the European Parliament president and political party heads confirm the vote, Parliament and the European Council will make the appointment. The EDPS supervises how EU institutions and bodies process personal data to ensure compliance with privacy law, and advises them on personal data processing and related policies and legislation. The office's role has been expanded to cover such things as EU bodies' compliance with the AI Act.
French privacy regulator CNIL Thursday unveiled a 2025-2028 strategic plan focused on AI, minors' rights, cybersecurity, and mobile apps and digital identity, according to an unofficial translation.