With the 119th Congress now assembled, Republicans control both the House and Senate, and will control the White House starting on January 20th. If history is any guide, this change in party control of the White House, plus unified control of Congress by the president’s party, will pave the way for Republicans to deploy the Congressional Review Act (CRA) to overturn a number of regulations issued by the Biden Administration. When President Trump first took office in 2017, congressional Republicans used the CRA to overturn more than a dozen rules promulgated by the Obama Administration. Continue Reading Biden Administration Rulemakings at Risk for Congressional Review Act Cancellation in New Congress
United States
U.S. Tech Legislative, Regulatory & Litigation Update – Third Quarter 2024
This quarterly update highlights key legislative, regulatory, and litigation developments in the third quarter of 2024 related to artificial intelligence (“AI”) and connected and automated vehicles (“CAVs”). As noted below, some of these developments provide industry with the opportunity for participation and comment.Continue Reading U.S. Tech Legislative, Regulatory & Litigation Update – Third Quarter 2024
Quantum Computing: Developments in the UK and US
This update focuses on how growing quantum sector investment in the UK and US is leading to the development and commercialization of quantum computing technologies with the potential to revolutionize and disrupt key sectors. This is a fast-growing area that is seeing significant levels of public and private investment activity. We take a look at how approaches differ in the UK and US, and discuss how a concerted, international effort is needed both to realize the full potential of quantum technologies and to mitigate new risks that may arise as the technology matures.
Quantum Computing
Quantum computing uses quantum mechanics principles to solve certain complex mathematical problems faster than classical computers. Whilst classical computers use binary “bits” to perform calculations, quantum computers use quantum bits (“qubits”). The value of a bit can only be zero or one, whereas a qubit can exist as zero, one, or a combination of both states (a phenomenon known as superposition) allowing quantum computers to solve certain problems exponentially faster than classical computers.
The applications of quantum technologies are wide-ranging and quantum computing has the potential to revolutionize many sectors, including life-sciences, climate and weather modelling, financial portfolio management and artificial intelligence (“AI”). However, advances in quantum computing may also lead to some risks, the most significant being to data protection. Hackers could exploit the ability of quantum computing to solve complex mathematical problems at high speeds to break currently used cryptography methods and access personal and sensitive data.
This is a rapidly developing area that governments are only just turning their attention to. Governments are focusing not just on “quantum-readiness” and countering the emerging threats that quantum computing will present in the hands of bad actors (the US, for instance, is planning the migration of sensitive data to post-quantum encryption), but also on ramping up investment and growth in quantum technologies. Continue Reading Quantum Computing: Developments in the UK and US
U.S. Senate Passes SHIELD Act to Criminalize Distribution of Private Intimate Images Online
On July 10, 2024, the U.S. Senate passed the Stopping Harmful Image Exploitation and Limiting Distribution (“SHIELD”) Act, which would criminalize the distribution of private sexually explicit or nude images online. Continue Reading U.S. Senate Passes SHIELD Act to Criminalize Distribution of Private Intimate Images Online
Employers Beware: New Wave of Illinois Genetic Information Privacy Act Litigation
Likely spurred by plaintiffs’ recent successes in cases under Illinois’s Biometric Information Privacy Act (“BIPA”), a new wave of class actions is emerging under Illinois’s Genetic Information Privacy Act (“GIPA”). While BIPA regulates the collection, use, and disclosure of biometric data, GIPA regulates that of genetic testing information. Each has a private right of action and provides for significant statutory damages, even potentially where plaintiffs allege a violation of the rule without actual damages.[1] From its 1998 enactment until last year, there were few GIPA cases, and they were largely focused on claims related to genetic testing companies.[2] More recently, plaintiffs have brought dozens of cases against employers alleging GIPA violations based on allegations of employers requesting family medical history through pre-employment physical exams. This article explores GIPA’s background, the current landscape and key issues, and considerations for employers.Continue Reading Employers Beware: New Wave of Illinois Genetic Information Privacy Act Litigation
Congressional Review Act Threat Looms Over Biden Administration Rulemakings
With the 2024 election rapidly approaching, the Biden Administration must race to finalize proposed agency actions as early as mid-May to avoid facing possible nullification if the Republican Party controls both chambers of Congress and the White House next year. This post summarizes the Congressional Review Act (“CRA”) which will apply to a number of U.S. federal rulemakings, including those related to privacy and cybersecurity.Continue Reading Congressional Review Act Threat Looms Over Biden Administration Rulemakings
Commissioner Remarks at FTC PrivacyCon 2024
The FTC convened its eighth annual privacy conference on March 6, 2024. The full transcript of the event can be found here. Both Chair Khan and Commissioner Bedoya provided remarks during the event that are likely to be considered provocative by many.Continue Reading Commissioner Remarks at FTC PrivacyCon 2024
OMB Publishes Request for Information on Agency Privacy Impact Assessments
On January 30, 2024, the U.S. Office of Management and Budget (OMB) published a request for information (RFI) soliciting public input on how agencies can be more effective in their use of privacy impact assessments (PIAs) to mitigate privacy risks, including those “exacerbated by artificial intelligence (AI).” The RFI notes that federal agencies may develop or procure AI-enabled systems from the private sector that are developed or tested using personal identifiable information (PII), or systems that process or use PII in their operation. Among other things, the RFI seeks comment on the risks “specific to the training, evaluation, or use of AI and AI-enabled systems” that agencies should consider in conducting PIAs of those systems. Continue Reading OMB Publishes Request for Information on Agency Privacy Impact Assessments
Trends in AI: U.S. State Legislative Developments
U.S. policymakers have continued to express interest in legislation to regulate artificial intelligence (“AI”), particularly at the state level. Although comprehensive AI bills and frameworks in Congress have received substantial attention, state legislatures also have been moving forward with their own efforts to regulate AI. This blog post summarizes key themes in state AI bills introduced in the past year. Now that new state legislative sessions have commenced, we expect to see even more activity in the months ahead.Continue Reading Trends in AI: U.S. State Legislative Developments
Department of Commerce Issues Proposed Rule to Regulate Infrastructure-as-a-Service Providers and Resellers
On January 29, 2024, the Department of Commerce (“Department”) published a proposed rule (“Proposed Rule”) to require providers and foreign resellers of U.S. Infrastructure-as-a-Service (“IaaS”) products to (i) verify the identity of their foreign customers and (ii) notify the Department when a foreign person transacts with that provider or reseller to train a large artificial intelligence (“AI”) model with potential capabilities that could be used in malicious cyber-enabled activity. The proposed rule also contemplates that the Department may impose special measures to be undertaken by U.S. IaaS providers to deter foreign malicious cyber actors’ use of U.S. IaaS products. The accompanying request for comments has a deadline of April 29, 2024.Continue Reading Department of Commerce Issues Proposed Rule to Regulate Infrastructure-as-a-Service Providers and Resellers