Legislation

Earlier this month, lawmakers released a discussion draft of a proposed federal privacy bill, the American Privacy Rights Act of 2024 (the “APRA”).  While the draft aims to introduce a comprehensive federal privacy statute for the U.S., it contains some notable provisions that could potentially affect the development and use of artificial intelligence systems.  These provisions include the following:Continue Reading Certain Provisions in the American Privacy Rights Act of 2024 Could Potentially Affect AI

On March 7, Utah repealed and replaced its Social Media Regulation Act, which had previously been challenged in a pair of lawsuits by NetChoice and the Foundation for Individual Rights and Expression.  The replacement legislation is spread across two enacted bills, SB 194 and HB 464.  SB 194 contains the bulk of the legislation’s general provisions, while HB 464 includes a private right of action for certain harms associated with a minor’s use of algorithmically curated social media. We summarize below some of the key features of the new legislation, which will go into effect on October 1, 2024.Continue Reading Utah Repeals and Replaces Social Media Regulation Act

On February 14, 2024, Nebraska enacted a genetic privacy law (LB 308) regulating direct-to-consumer (“DTC”) genetic testing companies. The law is one of a flurry of bills regarding DTC genetic testing that have been introduced in several states since the beginning of 2024, following the enactment of several DTC genetic testing laws in 2023, such as in Virginia.Continue Reading Nebraska Enacts Direct-to-Consumer Genetic Privacy Law as Several Other States Propose Similar Bills at the Start of 2024

New Jersey and New Hampshire are the latest states to pass comprehensive privacy legislation, joining California, Virginia, Colorado, Connecticut, Utah, Iowa, Indiana, Tennessee, Montana, Oregon, Texas, Florida, and Delaware.  Below is a summary of key takeaways. Continue Reading New Jersey and New Hampshire Pass Comprehensive Privacy Legislation

On September 8, 2023, Senators Richard Blumenthal (D-CT) and Josh Hawley (R-MO), Chair and Ranking Member of the Senate Judiciary Subcommittee on Privacy, Technology, and the Law, announced a new bipartisan framework for artificial intelligence (“AI”) legislation.  Senator Blumenthal said, “This bipartisan framework is a milestone – the first tough, comprehensive legislative blueprint for real, enforceable AI protections. It should put us on a path to addressing the promise and peril AI portends.” He also told CTInsider that he hopes to have a “detailed legislative proposal” ready for Congress by the end of this year.Continue Reading Senators Release Bipartisan Framework for AI Legislation

On April 11, the Indiana legislature passed comprehensive state privacy legislation in the form of S.B. 5. S.B. 5 shares similarities with the state privacy laws in Virginia, Connecticut, Colorado, Utah, and most recently Iowa.  If signed into law, S.B. 5 would take effect on January 1, 2026.  This blog post summarizes the statute’s key takeaways.Continue Reading Indiana Passes Comprehensive Privacy Statute

On March 15th, the Iowa legislature passed S.F. 262 (the “ICDPA”), making it the sixth U.S. state to pass a comprehensive state privacy statute.  The Iowa statute most closely resembles the Utah Consumer Privacy Act (“UCPA”), though it also shares some similarities with the approaches adopted in Virginia, Colorado, and Connecticut.  The statute will next go to the governor’s desk for signature.  If signed into law, the ICDPA would take effect on January 1, 2025.Continue Reading Iowa Passes Comprehensive Privacy Statute

On February 24, Congressman Patrick McHenry (NC-10) formally introduced his bill to modernize the Gramm-Leach-Bliley Act (“GLBA”) in the House as H.R. 1165.  The bill was first released as a discussion draft in June 2022, although the latest version reflects a number of updates as compared to the initial discussion draft.  The bill has

On December 1, 2022, a committee of the Brazilian Senate presented a report (currently available only in Portuguese) with research on the regulation of artificial intelligence (“AI”) and a draft AI law (see pages 15-58) (“Draft AI Law”) that will serve as the starting point for deliberations by the Senate on new AI legislation.  When preparing the 900+ page report and Draft AI Law, the Senate committee drew inspiration from earlier proposals for regulating AI in Brazil and its research into how OECD countries are regulating (or planning to regulate) in this area, as well as inputs received during a public hearing and in the form of written comments from stakeholders.  This blog posts highlights 13 key aspects of the Draft AI Law.Continue Reading Brazil’s Senate Committee Publishes AI Report and Draft AI Law