By the second day of a whirlwind special session in Colorado, state legislators had halved the number of proposals to amend the Colorado AI Act to two. On Thursday, House and Senate Business committees approved a variety of amendments to a pair of leading AI proposals before advancing them to each chamber’s Appropriations Committee.
A federal court dismissed a case against several data brokers accused of violating West Virginia's Daniel's Law. Judge Michael Urbanski ruled the 2021 statutory provision the plaintiff relied on -- which allows certain public servants to request data brokers delete their personal information from their public websites -- is unconstitutional.
An online transcription service that records users during meetings and interviews also utilizes these voice recordings and other data to train its AI models without consent, alleges a class-action lawsuit filed last week in the U.S. District Court for Northern California against Otter.ai.
Femtech offers groundbreaking innovations in women's health but also poses serious privacy threats, data protection lawyers said. Even the EU, with its General Data Protection Regulation and AI Act, and the U.K., with its version of the GDPR, may not always provide adequate protection for the highly sensitive personal data that femtech apps collect and use, they added.
Law firm Kelley Drye failed to properly train employees on cybersecurity or maintain reasonable security safeguards, which allowed a data breach impacting thousands of customers' personal information to be leaked, a class-action lawsuit filed Tuesday in New York state court alleged. Additionally, plaintiff Ratna Kanhai claims Kelley Drye didn't report the breach promptly, and the eventual notification was intentionally confusing.
A federal judge on Thursday allowed a group of parents to file an appeal instead of an amended complaint in a previously dismissed child privacy case against an education technology platform. The court released a final judgment one day after the plaintiffs made the request at the U.S. District Court for Central California.
The several lawsuits following the July data breach of women-only app Tea expose gaps in data governance and data protection guardrails that may be present within the entire app ecosystem, said Mary Bennett and Rob Robinson of privacy vendor HaystackID in a Friday blog post. First reported on July 25, the breach of Tea leaked 72,000 images, including 13,000 selfies with identifying information (see 2507280017). The app is intended to increase safety for online daters.
Meta faces a claim that it operates as a pen register device, prohibited under the California Invasion of Privacy Act (CIPA), after a federal court declined to drop the claim from a pixel tax-filing case Wednesday.
As privacy litigation under older laws has exploded, some have called for amending decades-old statutes often at the center of lawsuits so that they aren't applied to modern technologies. The California Invasion of Privacy Act (CIPA) in particular has been subject to more scrutiny as litigation has increased (see 2503030050).
A July data breach of Allianz Life Insurance Co. of North America precipitated a flurry of lawsuits alleging inadequate safety procedures. The company said the data breach exposed the personal information of most of its 1.4 million U.S. customers and stakeholders.