The members of the Australian Digital Platform Regulators Forum solidified their goals and priorities for 2024-2026 after a meeting in mid-July. Their plan includes a focus on building regulatory capacity, increasing collaboration to help members provide uniform enforcement, and to engage in more proactive education and outreach.Full story
The U.S. House Committee on Financial Services held a hearing with housing and financial sector stakeholders to explore the impacts of artificial intelligence and potential approaches to establish a federal regulatory framework. IAPP Staff Writer Caitlin Andrews recaps the discussions and the varying viewpoints on the future of U.S. AI regulation. Full story
Business associate agreements with covered entities under the U.S. Health Insurance Portability and Accountability Act can create a noncompliant situation if the entity is looking to use a vendor's online tracking technology for marketing purposes, former Medline Industries Privacy Counsel and HIPAA privacy official John Haskell, CIPT, writes.
The introduction of concepts for data fiduciary and significant data fiduciary is one of the many key elements presented within India's Digital Personal Data Protection Act. Several obligations are tied to each role, including required data audits. Samvad Partners Partner Nivedita Nivargi, Principal Associate Kevin Robin and Senior Associate Saurabh Roy explain data audits under the law and how significant fiduciaries must approach them. Editor's note: This is the eighth in a 10-part series on the operational impacts of India's DPDPA.
South Korea's Personal Information Protection Commission announced a KRW1.978 billion fine against online retailer AliExpress related to alleged violations of international data transfer rules under the Personal Information Protection Act. An investigation showed South Koreans' personal data was being shared with approximately 180,000 Chinese companies without consent or legal basis for processing.
The High Court of Kenya paused the national digital identification system after advocacy groups claimed the program does not have the appropriate safeguards to protect citizens' personal data, Biometric Update reports. The court will decide in September if the Maisha Namba program's policies and use of biometric data are unconstitutional.Full story
Adult content platform Pornhub filed an appeal with the Court of Justice of the European Union to oppose the Digital Services Act's natural names requirement, Euractiv reports. The DSA rule requires digital platforms to use content creators' real names for advertising repositories.
The development of large language models is raising questions over the legal basis for artificial intelligence developers using personal data in the training of their models.
The recently issued regulation outlining the role of a data protection officer under Brazil's General Data Protection Law was a key step in advancing the regulatory agenda of the Autoridade Nacional de Proteção de Dados for the 2023-2024 biennium, Organon & Co. Privacy and Data Protection Associate Director Guilherme Peretti, CIPP/E, CIPP/US, CIPM, FIP, CDPO/BR, writes.
The National Society for the Prevention of Cruelty to Children claimed Apple did not report child sexual abuse material on its iCloud, Facetime and iMessaging platforms, the Guardian reports. The NSPCC said Apple allegedly significantly undercounted the amount of CSAM material on its platforms. Full story