After trying artificial intelligence-powered avatar application Lensa, MIT Technology Review Senior Reporter Melissa Heikkila said it produced nonconsensual explicit photos of her. Heikkila reported Lensa generates avatars using open-source AI model Stable Diffusion that was built from LAION-5B, which is a data set containing scraped images from the internet.
MediaPost reports 23 consumer advocacy groups wrote to U.S. House Speaker Nancy Pelosi, D-Calif., calling for a floor vote on the proposed American Data Privacy and Protection Act in the final legislative window of 2022. The groups indicated a "narrow window" is available and "the time is now to pass a comprehensive federal privacy law." Public Knowledge Senior Policy Counsel Sara Collins said a House approval would likely be "overwhelmingly bipartisan," which could "change the calculation" for Senate consideration.
New compromise amendments to the Artificial Intelligence Act, excluding general-purpose AI from high-risk systems, have been released, Euractiv reports. The 10th round of compromise amendments is expected to be discussed Dec. 14. AI systems are considered high risk if their failure or malfunction puts individuals health, safety or fundamental rights at risk. Additional wording states the high risk categorization only applies to systems with an intended purpose.
François Pellegrini, the rapporteur for France’s data protection authority, the Commission nationale de l'informatique et des libertés, recommended a 6 million euro fine for Apple's alleged breach of privacy rules, Reuters reports. Lobby group France Digitale originally lodged the complaint against Apple.Full Story
In this week’s Global News Roundup, the Court of Justice of the European Union denied Meta’s challenge of an Irish Data Protection Commission fine. The European Commission is anticipated to release its adequacy decision on EU-U.S. in short order. And Japan and the U.K. reached an agreement on a new digital partnership. (IAPP member exclusive.)Full Story
International leaders in cybersecurity and privacy are calling for the EU, U.K. and U.S. to better sync their data breach reporting requirements, The Wall Street Journal reports. Multinational companies claim reporting requirements that vary by jurisdiction can create compliance issues. U.S. National Cyber Director Chris Inglis said reporting requirements should be synchronized within U.S. government agencies. U.S.
The European Data Protection Board released the agenda for its Dec. 13 and 14 plenary session. The board will discuss the European Union General Court’s decisions regarding the EDPB’s binding decisions against Meta Platforms’ WhatsApp and Instagram.
The European Commission announced a public consultation toward the drafting of an implementing regulation for the Digital Markets Act. The draft regulation pertains to obligations and procedures under Article 46 of the DMA. The commission is seeking comment on notifications and submissions for commission requests under the law, rules for opening DMA proceedings and timeframes for proceedings. The comment deadline is Jan.
The provision in India’s proposed Digital Personal Data Protection Bill allowing transborder data flows to “certain notified countries” could “reinvigorate digital trade” between India, the EU and the U.S., Atlantic Council’s South Asia Center nonresident fellow Anand Raghuraman writes. India’s prior insistence on data localization requirements was part of the reason why it refused to sign onto the G-20 Osaka Track declaration and did not agree to the data-sharing pillar of the U.S.-led Indo-Pacific Economic Framework.
The U.K. Information Commissioner's Office created design tests to help designers assess whether products or services likely to be accessed by children comply with the Children's Code.