As 2021 comes to a close, we will be sharing the key legislative and regulatory updates for artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and privacy this month.  Lawmakers introduced a range of proposals to regulate AI, IoT, CAVs, and privacy as well as appropriate funds to study developments in these emerging spaces.  In addition, from developing a consumer labeling program for IoT devices to requiring the manufacturers and operators of CAVs to report crashes, federal agencies have promulgated new rules and issued guidance to promote consumer awareness and safety.  We are providing this year-end round up in four parts.  In this post, we detail IoT updates in Congress, the states, and federal agencies.

Part IV: Internet of Things

This quarter’s IoT-related Congressional and regulatory updates ranged from promoting consumer awareness to bolstering the security of connected devices.  In particular, the Federal Communications Commission (“FCC”) has taken a number of actions to promote the growth of IoT while the National Institute of Standards and Technology (“NIST”) continues to work to fulfill its obligations under President Biden’s May Executive Order on Improving the Nation’s Cybersecurity (“EO”).  The IoT Cybersecurity Improvement Act of 2020 (H.R.1668) additionally tasked NIST with developing security standards and guidelines for the federal government’s IoT devices.  This year NIST put out a number of reports to carry out this mandate, including guidance documents to assist federal agencies with evaluating the security capabilities required in their IoT devices (NIST SP 800-213).
Continue Reading U.S. AI and IoT Legislative Update – Year-End 2021

 As 2021 comes to a close, we will be sharing the key legislative and regulatory updates for artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and privacy this month.  Lawmakers introduced a range of proposals to regulate AI, IoT, CAVs, and privacy as well as appropriate funds to study developments in these emerging spaces.  In addition, from developing a consumer labeling program for IoT devices to requiring the manufacturers and operators of CAVs to report crashes, federal agencies have promulgated new rules and issued guidance to promote consumer awareness and safety.  We are providing this year-end round up in four parts.  In this post, we detail CAV updates in Congress and federal agencies.

Continue Reading U.S. AI and IoT Legislative Update – Year-End 2021

As 2021 comes to a close, we will be sharing the key legislative and regulatory updates for artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and privacy this month.  Lawmakers introduced a range of proposals to regulate AI, IoT, CAVs, and privacy as well as appropriate funds to study developments in these emerging spaces.  In addition, from developing a consumer labeling program for IoT devices to requiring the manufacturers and operators of CAVs to report crashes, federal agencies have promulgated new rules and issued guidance to promote consumer awareness and safety.  We are providing this year-end round up in four parts.  In this post, we detail data privacy updates in Congress and federal agencies.
Continue Reading U.S. AI and IoT Legislative Update – Year-End 2021

As 2021 comes to a close, we will be sharing the key legislative and regulatory updates for artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and privacy this month.  Lawmakers introduced a range of proposals to regulate AI, IoT, CAVs, and privacy as well as appropriate funds to study developments in these emerging spaces.  In addition, from developing a consumer labeling program for IoT devices to requiring the manufacturers and operators of CAVs to report crashes, federal agencies have promulgated new rules and issued guidance to promote consumer awareness and safety.  We are providing this year-end round up in four parts.  In this post, we detail AI updates in Congress, state legislatures, and federal agencies.
Continue Reading U.S. AI and IoT Legislative Update – Year-End 2021

On August 27, 2021, Illinois Governor J.B. Pritzker signed into law the Protecting Household Privacy Act (“PHPA”).  The law governs how, and under what conditions, Illinois law enforcement agencies may acquire and use data from household electronic devices, commonly referred to as “smart devices” or the “internet of things.”  The PHPA will go into effect

On Episode 16 of Covington’s Inside Privacy Audiocast, Dan CooperYan Luo and Zhijing Yu discuss the implications of China’s Personal Information Protection Law (PIPL) for companies with data or doing business in China. The law, which entered into force on November 1, is the first comprehensive personal information protection law in China and

Last week, the Ninth Circuit held in United States v. Wilson, No. 18-50440, 2021 WL 4270847, that a law enforcement officer violated a criminal defendant’s Fourth Amendment rights when he opened images attached to the defendant’s emails without a warrant, even though the images had previously been flagged as child sexual abuse materials (“CSAM”) by Google’s automated CSAM-detection software.  The court based its ruling on the private search exception to the Fourth Amendment, which permits law enforcement to conduct a warrantless search only to the extent the search was previously conducted by a private party.  Because no individual at Google actually opened and viewed the images flagged as CSAM, the court held that law enforcement “exceeded the scope of the antecedent private search,” thereby “exceed[ing] the limits of the private search exception.”  Op. at 20-21.

Continue Reading Ninth Circuit’s Interpretation of Private Search Exception to the Fourth Amendment Contributes to “Growing Tension” Among Circuit Courts

As COVID-19 vaccination becomes required in more personal and professional contexts, several different frameworks have emerged that propose both guiding principles and technical requirements for vaccine verification systems, including those developed by the World Health Organization (WHO) and the Good Health Pass Collaborative (GHPC).
Continue Reading COVID-19 Vaccine Verification Frameworks: Emerging Standards Seek to Balance Privacy Concerns With Public Health Benefits

On Aug. 20, 2021, the Standing Committee of China’s National People’s Congress promulgated China’s Personal Information Protection Law, which will take effect Nov. 1, 2021. Serving as China’s first comprehensive law in the personal information protection area and based on China’s Constitution, the PIPL aims to “protect the rights and interests of individuals,” “regulate personal information processing activities,” and “facilitate reasonable use of personal information” (Article 1).
Continue Reading Analyzing China’s PIPL and How It Compares to the EU’s GDPR