Here are key highlights from August 2024 detailing global news and regulatory updates.
US & Canada
- California legislature passes controversial AI safety bill requiring companies making advanced AI models to test for potential harm to society and be able to shut down a covered model
- Illinois passes bill to regulate the use of AI in certain employment settings, adding to the list of US state laws that address AI
- Texas attorney general’s office recently active in enforcement, with USD 1.4 billion settlement against Meta and a lawsuit against General Motors for the sale of driving data without knowledge or consent
- US added to Switzerland’s list of companies with an adequate level of data protection, allowing for the secure transfer of personal data from Switzerland to certified US companies (also in EMEA)
EMEA
- EU European Commission to prioritize GDPR enforcement, with no plans to reopen the GDPR before 2028
- EU AI Act criticized by CEOs from Meta and Spotify, who claim the tech industry in Europe faces “overlapping regulations and inconsistent guidance”
- Israel’s Knesset approves comprehensive amendments to the Protection of Privacy Law, introducing a complex structure of fines for various obligations
- Moldova enacts a new data protection law, granting individuals greater control over their personal data (article in Romanian)
- Saudi Arabia’s data protection authority issues guidelines on drafting privacy notices
- Switzerland adds US to list of companies with an adequate level of data protection, allowing for the secure transfer of personal data from Switzerland to certified US companies (also in US & Canada)
- UK Information Commissioner’s Office publishes report on overcoming barriers to the adoption of privacy enhancing technologies (PETs)
Gain confidence to use and share sensitive data
Find out how our advisory services can help you safely leverage data derived from information about people. Watch this 15-minute webinar.
APAC
- New Zealand’s data protection authority receives 250 submissions on draft biometrics rules from the public and organizations
- Philippines’ data protection authority releases guidelines on the processing of personal data
- Taiwan unveils the draft of its AI governance framework, outlining the government’s fundamental position towards AI development
- Thailand publishes a notification on the deletion, destruction, and de-identification of personal information, making minor amendments to the legislation draft from June 2024
LATAM
- Brazilian regulation on international data transfers establishes procedures and rules for recognizing the adequacy of other countries, including standard contractual clauses (article in Portuguese)
- Chile approves the Personal Data Protection Law, updating current legislation and aligning with the GDPR (article in Spanish)
Global
- Multinational meeting with officials from a range of nations is held to address national security risks associated with connected vehicles