California businesses launched a media blitz Monday against possible AI regulations under consideration in the state legislature, calling instead for “pro-growth” rules.
AI Privacy
AI privacy concerns are growing as copyrighted works and personal data are used to train, optimize and operate machine learning systems. From facial recognition to inference risks, AI applications often test the limits of existing privacy laws. Regulators worldwide are developing safeguards to govern data use, bias, transparency and consent in AI development. This page tracks legislation, regulatory frameworks and enforcement actions at the intersection of AI and data protection.
It’s time to start “operationalizing the laundry list of requirements currently in the Colorado AI Act because it looks like a last-minute reprieve is unlikely,” said Denver-based privacy attorney Josh Hansen of Shook Hardy, as state legislators returned for the fifth day of their special session Monday.
The plaintiff in a Video Privacy Protection Act (VPPA) case against satirical news site The Onion voluntarily dropped the complaint in a court document Friday. No reason for the dismissal was given.
By the second day of a whirlwind special session in Colorado, state legislators had halved the number of proposals to amend the Colorado AI Act to two. On Thursday, House and Senate Business committees approved a variety of amendments to a pair of leading AI proposals before advancing them to each chamber’s Appropriations Committee.
Now that the AI Action Plan has been released, Dean Ball is leaving the role of senior policy adviser for AI and emerging technology at the White House's Office of Science and Technology Policy, he announced on LinkedIn last week. Ball will serve as a senior fellow at the think tank Foundation for American Innovation, and will resume writing for his newsletter Hyperdimensional. He joined the White House in April (see 2504180034).
The Information Commissioner's Office (ICO) and data protection attorneys are looking to advise companies on key changes to the U.K.'s privacy landscape as a result of the U.K. Data (Use and Access) Act 2025 (DUAA), in effect as of Wednesday.
One of the easiest requirements for enforcers to check for violations under new California Privacy Protection Agency (CPPA) rules is also simple for vigilant businesses to avoid, privacy lawyer David Stauss said during a Troutman webinar Thursday. As such, companies should immediately start displaying on websites that they are honoring universal opt-out preference signals, he said. Separately, Hintze privacy attorney Sam Castic warned that new risk assessment requirements go beyond rules in other states.
Colorado's Senate Business Committee on Thursday voted 4-3 to advance a proposal from Senate Majority Leader Robert Rodriguez (D) to update the state's AI law. The bill advanced with four amendments to the Senate Appropriations Committee.
A California bill that sets data-breach notification deadlines will go to the Assembly floor and is racing toward passage by the legislature. At a livestreamed hearing Wednesday, the Assembly Appropriations Committee voted unanimously to add SB-446 by Sen. Melissa Hurtado (D) to the Assembly consent calendar, which is reserved for noncontroversial bills.
With a fight brewing over the future of Colorado AI regulation, Gov. Jared Polis (D) sees “clear motivation in the legislature” to craft a balanced policy, he said in an emailed statement prior to the special session starting Thursday. Colorado lawmakers plan to weigh four proposals to amend or repeal the state’s comprehensive AI law. Senate Majority Leader Robert Rodriguez (D) and Rep. Brianna Titone (D), who co-authored the Colorado AI Act, rallied support for their proposed “Colorado AI Sunshine Act” at a livestreamed press conference Wednesday.