FTC Announces it May Pursue Rulemaking to Combat Discrimination in AI
On December 10, the Federal Trade Commission (FTC) announced it is considering a rulemaking on commercial Artificial Intelligence (AI). The purpose of the rulemaking, according to an advanced notice of proposed rulemaking (ANPRM) titled “Trade Regulation in Commercial Surveillance,” would be “to curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.”
While not formally part of the rulemaking process mandated by the Administrative Procedure Act, advanced notices allow agencies to solicit public comment before drafting more specific proposals. The FTC has not yet issued privacy or artificial intelligence rules, though it has indicated that such rulemaking is on the horizon. The December 10 ANPRM is another signal that the FTC is gearing up to develop substantive privacy guidelines. (more…)
SEC Announces Long-Awaited Updates to Broker-Dealer Recordkeeping Requirements
In a much anticipated (and, to many, long overdue) release published in mid-November, the U.S. Securities and Exchange Commission (SEC) proposed to update its decades-old recordkeeping requirements for broker-dealers to, among other things, allow for electronic records to be retained in a manner other than “exclusively in a non-rewriteable, non-erasable format” (aka write once, read many, or WORM). The proposal would allow electronic records to be retained, as an alternative to WORM, using an audit-trail methodology.
Meru Data Podcast Features Sidley Associate Lauren Kitces
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. (more…)
A Software Primer For Attorneys After Cyber Executive Order
When President Joe Biden issued his major cybersecurity executive order on May 12, a White House press briefing said the order would invoke:
“the power of federal procurement to say, “If you’re doing business with us, we need you to practice really good — really good cybersecurity. And, most importantly, we really need you to focus on secure software development.” (more…)
How to Mitigate Corporate Risk and Respond to Crises
Recent events have given the term “corporate crisis” a whole new meaning. From cyberattacks and pandemic disruptions to political divisions and tweets that go viral, companies are being challenged in ways they never have before. How should they respond in a fast-moving crisis? (more…)
All Buttoned Up: The California AG Proposes Additional CCPA Regulations
On December 10, 2020, the California Attorney General (“AG”) proposed additional edits to the CCPA Regulations. These changes both build upon the updates that were proposed on October 12, 2020, and add some new content. All of the newly proposed changes relate to the right to opt-out of the sale of personal information.
Swiss Data Protection Authority Concludes Swiss-US Privacy Shield No Longer Valid for Swiss-US Transfers
Following the Court of Justice of the European Union’s (“CJEU”) decision in Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems (“Schrems II”), the Swiss Federal Data Protection and Information Commissioner (“FDPIC”) concluded in a position paper published on 8 September that the Swiss-US Privacy Shield no longer provides a valid mechanism for the transfer of personal data from Switzerland to the US.
Privacy and Cybersecurity Roundtable: Monitor-Side Chat Series
These informal video chats, moderated by Sidley partner Alan Raul, are designed to help fill the COVID-19 induced privacy discussion drought. We look forward to hearing what is on the mind of key data protection and cybersecurity thought leaders from both public and private sectors. Each chat will be relatively brief, leaving some time to address participant questions via our virtual space. Please feel free to suggest any topics you would be interested to hear addressed by contacting dcevents@sidley.com.