A Massachusetts bill that would protect sensitive information in data breaches cleared the Joint Committee on Advanced IT, the Internet and Cybersecurity on Monday. The panel referred H-93 to the House Ways and Means Committee.
Companies operating in Latin America should be aware that data protection authorities (DPAs) there are increasing guidance and enforcement, said panelists during a webinar Tuesday sponsored by TrustArc, a privacy compliance vendor.
A Texas-based firm that conducts drug and alcohol testing suffered a data breach last year that exposed the personal information of almost 750,000 individuals, a law firm said Monday. Multiple states also recently reported the breach of Alcohol and Drug Testing Service (TADTS). The company may have violated state and federal laws by disclosing the breach well after it occurred.
Using AI to recognize emotions is "dubious and risky," the Dutch Data Protection Authority (AP) said Tuesday.
AI and data breaches were among top issues last year for Italian data protection authority Garante, it said Tuesday in an annual report.
Racial justice must be at the center of AI-related regulations to prevent discrimination and the potential creation of a surveillance state, American Civil Liberties Union (ACLU) officials said Thursday during a panel.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
DOJ’s data transfer rule goes into full force Tuesday, but many companies are still seeking clarity from the department about compliance, privacy attorneys told us in interviews this week (see 2504140047).
Effective Tuesday, an amendment to the Colorado Privacy Act (CPA) that enhances protections for biometric identifiers widens the scope of whom the privacy law applies to and forces companies to review their policies, said privacy lawyers. Enacted as HB-1130 in June 2024, the measure compels entities that collect biometric data to meet stringent notice and consent requirements if they use or intend to use it for unique identification (see 2406030010).
A comprehensive privacy law taking effect Tuesday in Tennessee may appear business-friendly compared with similar measures in other states, but privacy lawyers note that it also contains some of the highest penalties for noncompliance. Companies could avoid a Tennessee crackdown by taking advantage of a novel safe harbor in the law, Mintz’s Cynthia Larose told Privacy Daily.