White House Publishes In-Depth Guidance on the Use of Automated Systems and Recognizes Privacy as Foundational Principle of Framework

On October 4, 2022, the White House Office of Science and Technology Policy published The Blueprint for an AI Bill of Rights: Making Automated Systems Work for the American People (the “AI Blueprint”). The AI Blueprint outlines non-binding guidelines for the development and deployment of automated systems and is the culmination of a year-long process of public engagement and deliberation.

(more…)

, , ,

UK Consults on Algorithmic Processing

Algorithms touch upon multiple aspects of digital life, and their use potentially falls within several separate – though converging – regulatory systems. More than ever, a ‘joined up’ approach is required to assess them, and the UK’s main regulators are working together to try to formulate a coherent policy, setting an interesting example that could be a template for global approaches to digital regulation. (more…)

, , , , , , , ,

National AI Strategy: The UK Government Publishes Its Artificial Intelligence Strategy for the Next Decade

On 22 September 2021, the UK Government (the “Government”) published its Artificial Intelligence (“AI”) strategy. The paper outlines the Government’s plan to make Britain a “global superpower” in the AI arena, and sets out an agenda to build the most “pro-innovation regulatory environment in the world”. This post highlights some of the key elements from the UK AI strategy. Significantly, the UK’s proposed approach may diverge in some respects from the EU’s GDPR. For example, the UK strategy includes consideration of whether to drop Article 22’s restrictions on automated decision-making, and whether to maintain the UK’s current sectoral approach to AI regulation.  The UK will publish a White Paper on regulating AI in early 2022, which will provide a basis for further consultation and discussion with interested or affected groups before draft legislation is formally presented to the UK Parliament. (more…)

, , , ,

SEC Fines Alternative Data Provider for Securities Fraud

On September 14, 2021, the U.S. Securities and Exchange Commission (SEC) settled an enforcement action against App Annie Inc., an alternative data provider for the mobile app industry, and its former CEO Bertrand Schmitt. The SEC charged App Annie and Schmitt with securities fraud, under Section 10(b) of the Securities Exchange Act of 1934 and Rule 10b-5, for engaging in deceptive practices and materially misrepresenting how App Annie derived its alternative data, thereby inducing trading firms to become subscribers to use App Annie’s data in their decisions to buy and sell securities.  (more…)

, , , , ,

Federal Trade Commission Hosts Panels Related to Consumer Privacy and Data Security at PrivacyCon

This summer, the Federal Trade Commission (“FTC”) hosted its sixth annual PrivacyCon, an event focused on the latest research and trends related to consumer privacy and data security. This years’ event was divided into six panels: Algorithms; Privacy Considerations and Understandings; Adtech; Internet of Things; Privacy-Children and Teens; and, Privacy and the Pandemic. Welcoming attendees and kicking off the event, Commissioner Rebecca Kelly Slaughter called for minimization of data abuses and for a move away from the notice and consent model of privacy in favor of data minimization. PrivacyCon topics are selected by the FTC and often seen as an indication of enforcement priorities. (more…)

, , , , , , , , ,

European Commission Publishes Details of its Forthcoming Data Act

The European Commission has formally launched its legislative initiative aimed at increasing access to and further use of data, so that more public and private actors can benefit from technologies such as Big Data and machine learning. The Commission has published its inception impact assessment on the forthcoming Data Act, on which interested stakeholders can submit comments until 25 June 2021. In parallel, the Commission has launched a public consultation for the legislative initiative, to be conducted by an online questionnaire, with a deadline of 3 September 2021. Feedback will be taken into account for further development and fine tuning of the initiative to be tabled in Q3-Q4 2021.

(more…)

, , , , , , , , ,

Using Data De-Identification to Protect Companies

Many companies hope to benefit from amassing large amounts of data by mining it for market insights, creating internal business models, and supporting strategic, data-driven decisions. But as companies collect and store increasingly enormous volumes of data, they may unknowingly take on significant legal risks, including potential violations of data privacy laws and increased exposure to U.S. litigation discovery obligations. One way that businesses can mitigate these risks is to de-identify the data they collect and store.

(more…)

, , , , ,

A Digital Europe – Digital Health and other Recent EU Data Initiatives

Taking a step into the digital age, the European Commission announced that the 2020s shall become the EU’s Digital Decade.  The EU’s digitalization, including in the area of health, is one of the Commission’s key priorities and covers a wide range of actions and related initiatives.

Building on prior initiatives, in 2019 the Commission announced six key priorities (since supplemented by the COVID-19 recovery plan) that would shape the coming five years of policy making.  One of these six key priorities is to create a Europe fit for the digital age and work on a digital strategy that will empower people with a new generation of technologies.

(more…)

, , , , , , , ,

Big Data: Legal and Compliance Considerations for Investment Managers

Sidley Partners Nathan J. Greene and Colleen Theresa Brown are co-authors of a new chapter of the PLI treatise Investment Adviser Regulation: A Step-by-Step Guide to Compliance and the Law focusing on legal and compliance considerations for use of Big Data.  The chapter examines the expanding range of topics facing investment management lawyers and compliance professionals, as well as the attendant legal and operational risks.  The chapter includes an introduction to the concepts of data, alternative data, big data and artificial intelligence; examples of an organization’s data users, likely sources of data, and organizational controls for data collection and processing; and a review of the ways different types of data are regulated.

(more…)

, , , , ,

Regulatory Update: NAIC Summer 2020 National Meeting

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. As a result of the COVID-19 pandemic, the NAIC held the Summer Meeting in a virtual format, with conference calls taking place over a three-week period. Despite not being able to meet in-person, the NAIC utilized the Summer Meeting as an opportunity to host conversations among insurance regulators, industry members and consumers regarding recent events, including the impact of COVID-19 on the insurance industry as well as racial inequality and the promotion of diversity in the insurance industry. (more…)

, , , ,