A Texas-based firm that conducts drug and alcohol testing suffered a data breach last year that exposed the personal information of almost 750,000 individuals, a law firm said Monday. Multiple states also recently reported the breach of Alcohol and Drug Testing Service (TADTS). The company may have violated state and federal laws by disclosing the breach well after it occurred.
Using AI to recognize emotions is "dubious and risky," the Dutch Data Protection Authority (AP) said Tuesday.
AI and data breaches were among top issues last year for Italian data protection authority Garante, it said Tuesday in an annual report.
Racial justice must be at the center of AI-related regulations to prevent discrimination and the potential creation of a surveillance state, American Civil Liberties Union (ACLU) officials said Thursday during a panel.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
DOJ’s data transfer rule goes into full force Tuesday, but many companies are still seeking clarity from the department about compliance, privacy attorneys told us in interviews this week (see 2504140047).
Effective Tuesday, an amendment to the Colorado Privacy Act (CPA) that enhances protections for biometric identifiers widens the scope of whom the privacy law applies to and forces companies to review their policies, said privacy lawyers. Enacted as HB-1130 in June 2024, the measure compels entities that collect biometric data to meet stringent notice and consent requirements if they use or intend to use it for unique identification (see 2406030010).
A comprehensive privacy law taking effect Tuesday in Tennessee may appear business-friendly compared with similar measures in other states, but privacy lawyers note that it also contains some of the highest penalties for noncompliance. Companies could avoid a Tennessee crackdown by taking advantage of a novel safe harbor in the law, Mintz’s Cynthia Larose told Privacy Daily.
The 7th U.S. Circuit Court of Appeals could soon issue a ruling on the retroactivity of a 2023 amendment to the Illinois Biometric Information Privacy Act (BIPA), which would provide significant clarity about pending BIPA cases, said blog posts by multiple law firms.
Connecticut will amend its privacy law again with what some lawyers say are significant changes. Gov. Ned Lamont (D) on Wednesday signed an omnibus (SB-1295) that contained the language of a bill (SB-1356) by Sen. James Maroney (D) updating the state’s 2022 privacy law (see 2506050004). Changes to the Connecticut Data Privacy Act (CTDPA) will take effect July 1, 2026.