12 Days of Data

Subscribe to 12 Days of Data

Looking back on 2023, the trend of privacy-based class actions has only increased, and it doesn’t seem poised to halt or even slow down in the new year. Businesses are feeling acutely the threat of future litigation. At the end of 2022, the hundreds of cross-industry respondents to the Annual Litigation Trends Survey cited cybersecurity, data protection, and data privacy as the second-highest ranked area of future concern for class actions, and their concerns turned out to be justified. From peeved Pixel plaintiffs to data breach defendants, class actions abounded this year.Continue Reading Dashing Through 2023’s Privacy Litigation Trends

While the Illinois Biometric Information Privacy Act (“BIPA”) is “of 2008,” only in the past few years has BIPA litigation exploded at a pace likely to continue.  BIPA generally requires companies that collect biometric information or identifiers in Illinois to adhere to certain practices, including providing a public privacy policy; obtaining written consent before collection; abstaining from the sale of, or other profiting from, biometric data; disclosing biometric data only with prior consent; and maintaining security measures to protect biometric data.  The growing wave of BIPA litigation has helped clarify certain aspects of the Act while bringing others into question, as amendments may further alter the legal landscape. Continue Reading Illinois’s Biometric Information Privacy Act: A Reflection on 2023

In a Law360 article, co-authored by data, privacy & cybersecurity partner Fran Faircloth and associate May Yang, the team reflect on 2023 Global AI highlights, noting “2023 stands out as a landmark year for artificial intelligence and for generative AI in particular.”

“The launch of OpenAI’s ChatGPT in late 2022 marked a turning point, igniting a global race among tech companies and investors to harness and evolve this burgeoning technology,” said Fran and May. This development brings a myriad of legal implications, touching on intellectual property challenges, data privacy and cybersecurity risks, and ethical considerations in AI Deployment.Continue Reading Reviewing 2023’s Global AI Landscape Across Practice Areas

2023 was the year of artificial intelligence — and 2024 is already shaping up to be more (much more) of the same.  The European Union’s legislative bodies passed the AI Act earlier this month, and although the text has yet to be finalised on the world’s first comprehensive AI law, the hype around it already feels unstoppable.  That hype will turn into hard work over the next 12 months, as organisations grapple with understanding their obligations under the Act and putting in a governance framework that meets those obligations.  Needless to say, it will not be an easy task.Continue Reading The Three European Union Laws That Need Your Attention in 2024

What has often been considered to be one of the most heavily litigated privacy laws over the last decade, the Telephone Consumer Protection Act’s (“TCPA”) applicability (or lack thereof) to many modern text message dialing technologies has been significantly curtailed as a result of the United States Supreme Court’s narrow definition of what constitutes an automatic telephone dialing system (“ATDS”) in Facebook v Duguid. However, this is still a very active area, and we expect 2024 to reshape the contours of TCPA litigation. In this post, we provide a summary of noteworthy developments in federal and state telemarketing privacy laws as well as our predictions on what may be around the corner in 2024.Continue Reading You Better Watch Out, You Better Not Cry…Telemarketing Changes Are Coming to Town in 2024

The past year has seen unprecedented growth and development of artificial intelligence (“AI”) tools, which have been significantly propelled by the rapid deployment of generative AI (“GenAI”) tools.  The health care and life sciences industries have increasingly sought the use of AI and GenAI tools to promote innovation, efficiency and precision in the delivery of treatment and care, as well as in the production of biologics and medical devices.  For example, AI tools may more accurately predict and analyze diagnostic test results and develop personalized treatments than traditional tools; may improve clinical trial design, eligibility screening and data analysis; may be used as a diagnostic tool in a clinical trial designed to assess the safety or efficacy of a medical device; and may be used to accelerate the drug development timeline.  While such uses raise inherent concerns regarding, among other things, the improper use and/or disclosure of personal information, the introduction and/or perpetuation of bias and discrimination, as well as data security, reliability, transparency and accuracy, there is currently no developed federal or cohesive state regulatory framework designed to minimize such risks.  Continue Reading The 2023 AI Boom Calls for Further Regulation of the Use of AI Tools in the Health Care and Life Sciences Industries

Decisions, decisions.  We are deluged by decisions.  What present should I buy?  Is the small cheese plate enough for my party guests, or should I go with the large?  How much of my bonus should I set aside for retirement this year, or should I up my charitable giving? 

Wouldn’t it be nice if we could all get a little technological assistance in making choices this holiday season?Continue Reading Jingle All the Algorithms: Automated Decisionmaking Amidst a Blizzard of State Privacy Laws

Earlier this year, the UK government released an AI white paper outlining its light-touch, pro-business proposal to AI regulation. Eight months on, and the UK appears to be sticking firm with this approach, with Jonathan Camrose (UK First Minister for AI and Intellectual Property) stating in a speech on 16 November 2023 that there will be no UK law on AI ‘in the short term’.

This stance has been taken in spite of the developments being made around the world in this area. The EU for example, by contrast, continues to make significant steps towards finalization and implementation of its landmark AI Act, with policy-makers announcing that they had come to a final agreement on the Act on 8 December 2023. Progress has also been made across the pond with President Biden issuing the executive order on Safe, Secure and Trustworthy Artificial Intelligence on 30 October 2023, with the intention of cementing the US as a world leader in the field. The UK’s reluctance to regulate in this area has been criticised by some as not addressing consumer concerns – but will this approach continue into 2024?Continue Reading AI Regulation in 2024 – Will The UK Continue to Remain The Outlier?

Not that long ago, financial sector regulations seldom mentioned cybersecurity expressly, instead addressing the issue indirectly through restrictions focused on general system safeguards and omnibus reporting requirements. Gone are those days. Over the past few years, federal and state regulators have increased focus on information security issues impacting financial institutions, introducing a spate of cyber rules that often include stringent regulatory reporting and disclosure requirements. This year was no different.Continue Reading Making a List and Checking it Twice: The Impact of Cybersecurity Regulations on Financial Services in 2023

Last holiday season, we were looking under the tree to see if President Biden and the U.S. Congress would leave the gift of a new national children’s online privacy and safety law—and whether it would turn out to be a welcome surprise or a lump of coal. It was widely reported that a group of senators were pushing to include the Children and Teens’ Online Privacy Protection Act (“COPPA 2.0”) and the Kids Online Safety Act (“KOSA”) in the fiscal year 2023 funding bill. However, once everything was unwrapped, the bills were pulled from the funding package.Continue Reading Naughty or Nice: Children’s Online Privacy and Safety Developments and Expectations