Recent enforcement actions by both state and federal law enforcement signal that companies that make or use artificial intelligence products are facing increased scrutiny under existing unfair and deceptive acts and practices laws. Several late-2024 examples present important insights for companies navigating how to effectively and legally implement artificial intelligence technologies in their businesses.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/10/MN-18359_Data-Matters_833x606-04-1.jpg607833Colleen Theresa Brownhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngColleen Theresa Brown2024-12-10 10:57:462024-12-10 11:00:57Rising AI Enforcement: Insights From State Attorney General Settlement and U.S. FTC Sweep for Risk Management and Governance
Enacted in 2008, the Illinois Biometric Information Privacy Act (“BIPA”) regulates the collection and possession of biometric data by private entities operating in Illinois. Biometric data includes, for example, fingerprints, voiceprints, eye scans, and face/hand scans. Notably, BIPA establishes a private right of action, allowing any person to seek damages, attorneys’ fees, and injunctive relief if the person has been aggrieved by a BIPA violation. The statutory damages for BIPA violations are steep, including $1,000 to $5,000 per violation, attorneys’ fees and costs, and the possibility of injunctive relief.
In its 2024 fiscal year, the U.S. Securities and Exchange Commission brought over 130 enforcement actions against investment advisers and their representatives. This post highlights the key areas of focus and notable actions and litigation from the past fiscal year.
For the past few years, hundreds of companies have been caught in a wave of privacy class actions relying on decades-old wiretapping laws to attack modern website technologies and business tools. Last week, Massachusetts’s highest court engaged in a thorough assessment of that state’s wiretap law and rejected plaintiff’s argument that commonly used website advertising and analytical tools intercepted “communications” in violation of the law. The basis for the suit is not novel — hundreds of similar cases have been filed in the past few years. But the Supreme Judicial Court’s willingness to engage in a deep analysis of the wiretapping law early in the case is noteworthy.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Amy P. Lallyhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAmy P. Lally2024-10-30 09:45:592024-10-30 09:45:59Massachusetts’ Highest Court Signals Willingness to Scrutinize State Wiretapping Laws and Knock Out Claims at the Pleading Stage
On October 22, 2024, the U.S. Consumer Financial Protection Bureau (CFPB) issued a final rule under Section 1033 of the Consumer Financial Protection Act of 2010.1 The final rule includes several important changes from the proposed rule. This client alert focuses on those changes. For an analysis of the proposed rule, please see our Sidley Update here. The final rule also includes hundreds of pages of Supplementary Information that provide important insights into the manner in which the CFPB will enforce the final rule.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2024/10/MN-24013-Data-Matters-Blog-Imagery-Refresh_A_2.jpg606833Joel D. Feinberghttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJoel D. Feinberg2024-10-28 16:04:302024-10-28 16:04:30CFPB Releases Final Rule on Personal Financial Data Rights
Yesterday, in Salazar v. National Basketball Association, the Second Circuit Court of Appeals reversed a district court’s dismissal of a putative class action under the Video Privacy Protection Act (VPPA), offering an interpretation of the VPPA’s definition of “consumer” that differs from how the majority of courts have used that term.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Amy P. Lallyhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAmy P. Lally2024-10-17 14:03:452024-10-17 14:03:45Second Circuit Offers Guidance on Meaning of “Consumer” Under the U.S. Video Privacy Protection Act
Digital health AI technologies are transforming the advancement of drug development and healthcare delivery at an unprecedented speed, backed by governments facilitating the momentum to improve healthcare for their growing populations. Sidley’s European life sciences lawyers Josefine Sommer, Eva von Mühlenen, and Francesca Blythe share a timely take on the top 5 life sciences industry trends being shaped by pioneering digital technologies. We are delighted to present a series of insightful interviews with leaders from a diverse digital health ecosystem giving their perspectives from Roche, Origen Genetics,FemTech Insights, Verge, Steto, and Clario.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2024/10/MN-24557_Sidley.com_Trends-European_Digital-Health-Market_819x500.jpg500819Josefine Sommerhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJosefine Sommer2024-10-09 14:22:302024-10-09 14:22:30Top Trends in the European Digital Health/AI Market
On September 23, 2024, the U.S. Department of Justice (DOJ) updated its Evaluation of Corporate Compliance Programs (the ECCP) to reflect DOJ’s evolving expectations with respect to corporate compliance programs, including how those programs appropriately address the compliance risks of new technology such as artificial intelligence (AI). While the ECCP is drafted as a guidance document for prosecutors to assess the effectiveness and adequacy of a company’s compliance program, the ECCP also is a tool for companies to conduct a similar assessment. With DOJ’s most recent update to this document, this tool now reflects DOJ’s focus on disruptive technology risks. This Update provides some general background on the ECCP and analyzes DOJ’s latest revisions to the ECCP, including the introduction of questions and considerations for companies concerning their use of new and emerging technology such as AI.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok
Rising AI Enforcement: Insights From State Attorney General Settlement and U.S. FTC Sweep for Risk Management and Governance
Recent enforcement actions by both state and federal law enforcement signal that companies that make or use artificial intelligence products are facing increased scrutiny under existing unfair and deceptive acts and practices laws. Several late-2024 examples present important insights for companies navigating how to effectively and legally implement artificial intelligence technologies in their businesses.
(more…)
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Christina C. Koenig
Dallas
christina.koenig@sidley.com
Benjamin M. Mundel
Washington, D.C.
bmundel@sidley.com
Lauren Freeman
San Francisco
lfreeman@sidley.com
Garrett Lance
Washington, D.C.
glance@sidley.com
Biometric Litigation Risks Endure Even Post BIPA Amendment
Enacted in 2008, the Illinois Biometric Information Privacy Act (“BIPA”) regulates the collection and possession of biometric data by private entities operating in Illinois. Biometric data includes, for example, fingerprints, voiceprints, eye scans, and face/hand scans. Notably, BIPA establishes a private right of action, allowing any person to seek damages, attorneys’ fees, and injunctive relief if the person has been aggrieved by a BIPA violation. The statutory damages for BIPA violations are steep, including $1,000 to $5,000 per violation, attorneys’ fees and costs, and the possibility of injunctive relief.
(more…)
Kathleen Carlson
Chicago
kathleen.carlson@sidley.com
Lawrence P. Fogel
Chicago
lawrence.fogel@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Andrew F. Rodheim
Chicago
arodheim@sidley.com
FY2024 in Review: SEC Enforcement Actions Against Investment Advisers to Private Funds, Registered Funds, and Retail Clients
In its 2024 fiscal year, the U.S. Securities and Exchange Commission brought over 130 enforcement actions against investment advisers and their representatives. This post highlights the key areas of focus and notable actions and litigation from the past fiscal year.
Please click here to view the full Sidley Update.
W. Hardy Callcott
San Francisco
wcallcott@sidley.com
Stephen L. Cohen
Washington, D.C., Boston, ...
scohen@sidley.com
Chuck Daly
New York, Boston
cdaly@sidley.com
Ranah Esmaili
Washington, D.C.
resmaili@sidley.com
Lara Mehraban
New York
lmehraban@sidley.com
Ashley C. Pfeiffer
New York
apfeiffer@sidley.com
Sarah K. Gromet
New York
sgromet@sidley.com
Massachusetts’ Highest Court Signals Willingness to Scrutinize State Wiretapping Laws and Knock Out Claims at the Pleading Stage
For the past few years, hundreds of companies have been caught in a wave of privacy class actions relying on decades-old wiretapping laws to attack modern website technologies and business tools. Last week, Massachusetts’s highest court engaged in a thorough assessment of that state’s wiretap law and rejected plaintiff’s argument that commonly used website advertising and analytical tools intercepted “communications” in violation of the law. The basis for the suit is not novel — hundreds of similar cases have been filed in the past few years. But the Supreme Judicial Court’s willingness to engage in a deep analysis of the wiretapping law early in the case is noteworthy.
(more…)
Amy P. Lally
Century City
alally@sidley.com
Jack W. Pirozzolo
Boston
jpirozzolo@sidley.com
Ian M. Ross
Miami
iross@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
Sheri Porath Rockwell
Century City
sheri.rockwell@sidley.com
Kseniya K. Belysheva
Los Angeles
kbelysheva@sidley.com
CFPB Releases Final Rule on Personal Financial Data Rights
On October 22, 2024, the U.S. Consumer Financial Protection Bureau (CFPB) issued a final rule under Section 1033 of the Consumer Financial Protection Act of 2010.1 The final rule includes several important changes from the proposed rule. This client alert focuses on those changes. For an analysis of the proposed rule, please see our Sidley Update here. The final rule also includes hundreds of pages of Supplementary Information that provide important insights into the manner in which the CFPB will enforce the final rule.
(more…)
Joel D. Feinberg
Washington, D.C.
jfeinberg@sidley.com
David E. Teitelbaum
Washington, D.C.
dteitelbaum@sidley.com
Stanley J. Boris
Washington, D.C.
sboris@sidley.com
Second Circuit Offers Guidance on Meaning of “Consumer” Under the U.S. Video Privacy Protection Act
Yesterday, in Salazar v. National Basketball Association, the Second Circuit Court of Appeals reversed a district court’s dismissal of a putative class action under the Video Privacy Protection Act (VPPA), offering an interpretation of the VPPA’s definition of “consumer” that differs from how the majority of courts have used that term.
(more…)
Amy P. Lally
Century City
alally@sidley.com
Ian M. Ross
Miami
iross@sidley.com
Top Trends in the European Digital Health/AI Market
Digital health AI technologies are transforming the advancement of drug development and healthcare delivery at an unprecedented speed, backed by governments facilitating the momentum to improve healthcare for their growing populations. Sidley’s European life sciences lawyers Josefine Sommer, Eva von Mühlenen, and Francesca Blythe share a timely take on the top 5 life sciences industry trends being shaped by pioneering digital technologies. We are delighted to present a series of insightful interviews with leaders from a diverse digital health ecosystem giving their perspectives from Roche, Origen Genetics, FemTech Insights, Verge, Steto, and Clario.
(more…)
Josefine Sommer
Brussels
jsommer@sidley.com
Eva von Mühlenen
Geneva
emuhlenen@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Compliance Programs Expected to Evolve With Technology: DOJ Updates Corporate Compliance Guidance to Include Artificial Intelligence
On September 23, 2024, the U.S. Department of Justice (DOJ) updated its Evaluation of Corporate Compliance Programs (the ECCP) to reflect DOJ’s evolving expectations with respect to corporate compliance programs, including how those programs appropriately address the compliance risks of new technology such as artificial intelligence (AI). While the ECCP is drafted as a guidance document for prosecutors to assess the effectiveness and adequacy of a company’s compliance program, the ECCP also is a tool for companies to conduct a similar assessment. With DOJ’s most recent update to this document, this tool now reflects DOJ’s focus on disruptive technology risks. This Update provides some general background on the ECCP and analyzes DOJ’s latest revisions to the ECCP, including the introduction of questions and considerations for companies concerning their use of new and emerging technology such as AI.
(more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
Upcoming Events
The Impacts of AI on the Power Sector and Related Regulatory Challenges
RSVP here.
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
John M. Casanova
jcasanova@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Glenn G. Nash
gnash@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com