Consumer advocates oppose a Connecticut AI bill backed by Gov. Ned Lamont (D), the Electronic Privacy Information Center said Tuesday. EPIC said it raised red flags about SB-1249 in a letter to state legislators on March 28, along with Access Humboldt, Consumer Federation of America and TechEquity.
Don't preempt state privacy laws, the California Privacy Protection Agency (CPPA) and New Jersey Attorney General Matthew Platkin (D) argued in comments to House Commerce Committee Republicans Monday as the lawmakers worked on drafting privacy legislation (see 2504070065).
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
Senate Commerce Committee Chairman Ted Cruz, R-Texas, on Monday said he’s investigating whether the Future of Privacy Forum used federal grants to push for AI laws aligned with the Biden administration’s regulatory agenda.
The European Data Protection Board will consider the state of play of the EU-U.S. Data Privacy Framework under the Trump Administration at its April 8 meeting (see REF:2504030004]). Also up for discussion are possible guidelines on processing personal data through blockchain technologies, and cooperation with the EU AI Office on guidelines relating to the interplay of the AI Act with data protection law.
Two board members of the California Privacy Protection Agency sharply questioned whether the agency should regulate automated decision-making tools (ADMT) at a Friday meeting. Board member Alastair Mactaggart said the board must take seriously several stakeholders' threats about possible litigation if the CPPA pursues AI regulation in an ongoing rulemaking about ADMT and several other subjects. Chairperson Jennifer Urban pushed back.
Poland's data protection authority issued guidance Wednesday to help data controllers decide when to perform a data protection impact assessment (DPIA). It noted that the General Data Protection Regulation doesn't require a DPIA for every processing operation a controller plans to carry out, but an assessment is mandatory if that processing, in particular involving new technologies, is likely to result in a high risk to someone's rights or freedoms.
The Hamburg Commission for Data Protection and Freedom of Information published a report Tuesday on its 2024 data protection activities.
More than 30 people testified about a bill seeking to limit automated analysis of personal data for making financial inferences during a Wednesday hearing in the Colorado House Judiciary Committee, with many people supporting its protections for both workers and consumers.
A French lawmaker who challenged the EU-U.S. Data Privacy Framework in 2023 had his first hearing in the EU General Court Monday. Member of Parliament Philippe Latombe is seeking annulment of the DPF (see 2309120030) (Latombe v. Commission, Case T-533/23).