California Privacy Protection Agency Issues Draft Rules for AI

The California Privacy Protection Agency (CPPA) is preparing new regulations to protect consumers from how businesses may potentially use AI. The state regulator, whose rulings have an outsized influence on Big Tech given the many large firms that are headquartered there, has issued draft rules for how consumer data can be used in what it is calling “automated decisionmaking technology,” or ADMT. The proposed regulations give consumers the right to opt out of ADMT and entitles the public to on-demand information as how AI is interacting with their data and how businesses plan to use it. Continue reading California Privacy Protection Agency Issues Draft Rules for AI

Facial Recognition Firm Clearview AI Wins Appeal of UK Fine

New York-based facial recognition software company Clearview AI has had a $9.1 million fine and order to delete UK citizen data reversed by Britain’s General Regulatory Tribunal. The case against Clearview was brought by the UK Information Commissioner’s Office, which scored a victory round in May 2022, claiming Clearview violated privacy laws under the General Data Protection Regulation because it did not inform or gain consent of UK citizens before collecting their data. Clearview appealed, and the tribunal found that the selfie-scraping AI firm was not subject to the ICO’s jurisdiction due to a loophole for firms servicing foreign law enforcement. Continue reading Facial Recognition Firm Clearview AI Wins Appeal of UK Fine

AWS Rolls Out Bedrock Generative AI Service, Adds Llama 2

In a move to put “generative AI at the fingertips of every business, from startups to enterprises,” Amazon Web Services is commercially rolling out the Bedrock service it announced in April. Bedrock offers a wide range of foundation models from Amazon’s own Titan to products from Anthropic, Stability AI and soon Meta Platforms. The fully managed Bedrock service makes its generative FMs operable through a single, simple API. This means customers can experiment with various leading FMs and customize simple apps in-house, without the need for a third-party diving into their proprietary data. Continue reading AWS Rolls Out Bedrock Generative AI Service, Adds Llama 2

Ireland Fines TikTok $368 Million for Mishandling of User Data

Ireland’s Data Protection Commission (DPC) announced a TikTok fine of about $368 million today based on how the popular social platform processes data of younger users. DPC announced in 2021 that it was investigating TikTok’s compliance with the European Union’s General Data Protection Regulation (GDPR) privacy and security laws. The investigation identified specific problems with TikTok’s default account settings, the Family Pairing settings, and its age verification process (although the age verification model did not violate GDPR, the probe found that TikTok did not sufficiently protect the privacy of children under 13 who were able to create an account). Continue reading Ireland Fines TikTok $368 Million for Mishandling of User Data

Meta Is Fined $1.3 Billion for Facebook’s EU Privacy Violation

Meta Platforms has been hit with a record $1.3 billion fine for violating European Union rules that prohibit transferring the data of EU citizens to other countries. Ireland’s Data Protection Commission, the agency of record in the region in which Meta was sued, said that the tech giant continues to operate outside of compliance with the EU’s General Data Protection Regulation (GDPR) after a 2020 ruling by the bloc’s highest court found that Facebook user data was being shipped to America without adequate protection from U.S. spy agencies. Continue reading Meta Is Fined $1.3 Billion for Facebook’s EU Privacy Violation

OpenAI Previews ChatGPT Business, Unveils Privacy Controls

OpenAI is readying ChatGPT Business, a new subscription tier “for professionals who need more control over their data as well as enterprises seeking to manage their end users.” Pricing plans have yet to be disclosed for ChatGPT Business, which will be rolling out in the coming months, but OpenAI said it will adhere to the company’s API’s data usage policies, which means that by default end users’ data would not be used to train its models. The business plan was mentioned as part of an announcement disclosing that all ChatGPT users now have the ability to turn off their chat history. Continue reading OpenAI Previews ChatGPT Business, Unveils Privacy Controls

Ireland DPC Fines Meta $275 Million for Data Privacy Breach

Meta Platforms has been fined $275 million for violating European Union privacy rules, the result of a 2021 data leak that led to the online publication of personal information belonging to 500 million Facebook users. The penalty is the latest imposed on Meta by Ireland’s Data Protection Commission, which in September imposed a $400 million penalty on Instagram for mishandling children’s data. In October 2021, the same regulator fined Meta $235 million for violations by its WhatsApp messaging service. In total, Irish authorities have imposed penalties of more than $900 million on Meta in the past two years. Continue reading Ireland DPC Fines Meta $275 Million for Data Privacy Breach

Big Tech to Face Increased EU Scrutiny as DMA Takes Effect

Next week, the EU’s Digital Markets Act takes effect, and U.S. tech giants are preparing for headaches. Among the DMA’s goals is making companies like Amazon, Google and Meta Platforms more open and interoperable in 2023. Last month, veteran EU official Gerard de Graaf, who helped create the DMA, was installed as director of a satellite office in San Francisco. There, he will help Big Tech prepare for breaking out their wallets and breaking open their walled gardens as the result of  “significant” changes to how they’ve been doing business in Europe. Meanwhile, telecoms in Europe are looking for tech firms to pay new fees based on bandwidth issues. Continue reading Big Tech to Face Increased EU Scrutiny as DMA Takes Effect

France Sanctions Clearview AI €20M for Violating GDPR Rules

Clearview AI, the New York-based facial recognition firm that is targeting 100 billion facial images in its database by the close of 2022, has been fined €20 million ($19.7 million) by France’s data protection authority, the CNIL, for what the agency says is the illegal collection and processing of personal biometric data belonging to French citizens. The fine comes after the CNIL last year ordered Clearview to cease data collection and delete its existing database, instructions the company reportedly ignored. This is Clearview’s third breach of the EU General Data Protection Regulation (GDPR) pertaining to France. Continue reading France Sanctions Clearview AI €20M for Violating GDPR Rules

White House Updates Data Protection Framework with the EU

President Biden has signed an executive order designed to repair data sharing with the European Union. The arrangement has been in disarray since 2020, when the Court of Justice of the European Union nullified the Privacy Shield, jeopardizing what the White House calls a $7.1 trillion economic relationship, premised on companies doing business on both sides of the pond. Friday’s executive order stipulates new ways for the EU to challenge what it had previously identified as objectionable U.S. government surveillance practices. In March, the U.S. and European Union agreed “in principle” to a revamped framework for data transfers. Continue reading White House Updates Data Protection Framework with the EU

Innovative California Privacy Law Sets Stage for Entire Nation

As the first state to implement privacy laws protecting consumers from Big Tech, California is being closely watched as it puts together a governing body with the job of regulating how Amazon, Google, Meta and other companies collect and exploit data from millions of people. Former Federal Trade Commission chief technologist Ashkan Soltani was appointed executive director of the California Privacy Protection Agency (CPPA) in October. Starting with a $10 million annual budget that many say is not nearly enough to battle pushback from tech lobbyists, Soltani is inventing a new paradigm. Continue reading Innovative California Privacy Law Sets Stage for Entire Nation

EU Asserts Itself on Standards, Takes Position on Ad Consent

The European Commission is seeking a more prominent seat at the regulatory table in the hall where global technology standards are being crafted. Experts periodically confer, beyond public view, to establish rules for emerging technology, and the norms for everything from connectivity to artificial intelligence. Now, EU commissioners are concerned they’ll wind up sidelined as a market-dominant U.S. and emboldened China white-knuckle their way to the lectern when groups like the International Organization for Standardization and the UN’s International Telecommunication Union dictate how technology is to be deployed across the globe. Continue reading EU Asserts Itself on Standards, Takes Position on Ad Consent

CES: Panel Reveals Surprising Statistics on Perceptions of AI

CES 2022 featured a compelling session that focused on “Artificial Intelligence: Expectations, Rules and Achievement,” which began with introductory remarks by Congresswoman Mariannette Miller-Meeks (R-Iowa) who questioned whether the federal government had AI experts who understood the innovations. “These are disruptive technologies,” she said. “What will it do to our healthcare system? With autonomous vehicles, do we have the relevant policies in place for government and insurance companies?” She also worried about competition in the space. This jump-started a panel discussion on the numerous opinions involving AI. Continue reading CES: Panel Reveals Surprising Statistics on Perceptions of AI

CES: Government, Tech Firms Partner to Curtail Cyberattacks

During a panel at CES 2022, CTA specialist in government affairs Quentin Scholtz queried panelists from government and technology on their priorities and plans for stepping up effective enforcement against cyberattacks, especially those originating from nation states. Jamie Susskind, tech policy advisor for Senator Marsha Blackburn (R-Tennessee); former U.S. representative Will Hurd (R-Texas); and Samsung Electronics senior manager and counsel of public policy Eric Tamarkin offered complementary priorities on how to act in 2022 and going forward. Continue reading CES: Government, Tech Firms Partner to Curtail Cyberattacks

EU’s Data Governance Act Targets Growth of Digital Economy

The European Parliament and EU Member States have reached an agreement on the Data Governance Act, clearing the way for final approval on legislation. The Data Governance Act is a framework designed to encourage sharing under the General Data Protection Regulation (GDPR), consumer protection laws and competition rules. The goal is to develop common European data spaces in areas such as manufacturing, cultural heritage and health. The Data Governance Act is the first of two steps. The EU’s Data Act — which promotes data sharing among EU member states, businesses and government — will soon be formally proposed. Continue reading EU’s Data Governance Act Targets Growth of Digital Economy