Privacy

After a political deal had been reached on December 8, 2023, we now have an unofficial draft of the EU AI Act. There are two versions available online, one posted by Euractiv Technology Editor Luca Bertuzzi which compares the Commission Proposal, the European Parliament’s revisions, the version of the Council, and lastly the Draft Agreement. … Read more

The California Consumer Privacy Act (CCPA) has been in effect since January 1, 2020, and it has impacted the way businesses collect, use, and protect consumers’ personal information considerably. Just over 9 months later, California voters approved Proposition 24, the California Privacy Rights Act (CPRA), which amends the CCPA and strengthens California’s data privacy laws … Read more

In the US, there is, as of yet, no comprehensive federal privacy legislation, but there is a federal agency, the Federal Trade Commission (FTC), that is at the forefront of notable enforcement actions. In the absence of comprehensive federal privacy law, the FTC relies for its privacy enforcement actions on acts that are either narrowly … Read more

On December 8, 2023, the European Parliament, European Commission, and Council of the EU reached a significant political agreement concerning AI regulation. An analysis of the unofficial final draft is forthcoming, but in the meantime, it is important to note key developments. The primary issue under consideration was whether to regulate the technology behind AI … Read more

In the contemporary landscape of health information technology, the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule sets a national standard for the protection of individuals’ medical records and other protected health information (PHI). The HIPAA Privacy Rule allows for health information to be de-identified using two methods: the Safe Harbor method, which requires … Read more

The European Union’s recent review of Canada’s data protection adequacy, a follow-up to the initial adequacy decision made in 2001, offers an insightful perspective into Canada’s compliance with evolving international data privacy standards. This review, part of the EU’s broader evaluation under the General Data Protection Regulation (GDPR), reaffirms Canada’s status but also subtly influences … Read more

Artificial Intelligence (AI) has infiltrated various sectors of our lives, leading to an urgent need for standardized frameworks to ensure its ethical and responsible use. The ISO/IEC 42001 standard is a recent addition to the roster of international standards, aiming to provide organizations with a structured approach to managing AI systems while fostering innovation and … Read more

Recent updates to OpenAI’s privacy policies, terms of use applicable to individuals, and business terms have sparked the interest of the privacy and business community. The former two are coming into effect on Jan 31, 2024, except insofar as the Europe privacy policy is concerned,  and the business terms are already in force as of … Read more

OpenAI is an organization known for developing a variety of artificial intelligence (AI) models and tools, which are accessible through various platforms and services. Microsoft Azure is a cloud computing platform that offers a range of services and tools for building, deploying, and managing applications. Azure also provides AI services that enable developers and customers … Read more

On December 20, the Quebec government published the Draft Regulation respecting the anonymization of personal information in the Quebec Gazette. It follows a 45-day public consultation period. In this article, we’re setting out the most important obligations and highlighting how Private AI can help achieve compliance with Law25 in light of the new Regulation. Law25 … Read more