On December 13, 2023, the Federal Communications Commission (FCC) voted to update a 16-year-old privacy rule expanding breach notification requirements for telecommunications, interconnected Voice over Internet Protocol (VoIP), and telecommunications relay services (TRS). Under the new rule, these companies are
2023
How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 2
In our previous post, we discussed specific considerations for common boilerplate provisions in data processing agreements (DPAs). Due to the sensitivity of data transfers and privacy laws, DPAs require careful drafting to ensure the data processor complies with appropriate…
The EU’s AI Act: the position is agreed
In the early hours of the morning of Saturday 9 December 2023, the European Parliament (the Parliament) and the Council of the EU (the Council) reached an agreement on the outstanding points on the EU’s Regulation on artificial intelligence (AI…
How to Effectively Draft Data Processing Agreements to Protect Information Shared with Service Providers – Part 1
Modern businesses collect and process personal information about their customers and employees for the benefit of their business – these benefits include identifying opportunities to enhance their products or services, streamlining operations, reducing costs or maximizing profits. Processing such data…
California proposes rules for automated decision-making
On November 27, 2023, the California Privacy Protection Agency (“CPPA”) released a first draft of rules for automated decision-making technologies under California’s privacy law. The proposed rules revolve around providing notice of the technology’s use, opting out, and consumer access…
Managing AI risks and legal implications, effective cybersecurity, ensuring privacy and the integrity of organizational records
In a world where generative AI is driving innovation and technology is outpacing legislation, there’s a lot for companies to consider to maintain operational effectiveness and minimize risk. To help provide some guidance, Norton Rose Fulbright Canada hosted its 2023…
Artificial Intelligence (Regulation) Bill: UK Private Members’ Bill underscores wide-spread regulatory concerns
A Private Members’ Bill, the Artificial Intelligence (Regulation) Bill (the Bill), has been introduced into House of Lords (the UK’s upper House of the UK Parliament) and is currently at the second Parliamentary stage.
The King’s Speech, which…
PART II: Legislative advances in the world of artificial intelligence, Canada
On October 5, the Minister of Innovation, Science and Industry (ISED) wrote a letter to the Standing Committee on Industry and Technology proposing amendments to Artificial Intelligence and Data Act (AIDA), which was introduced as part of Bill C-27…
Advances in artificial intelligence legislation in Canada (Part I)
On September 27, the Minister of Innovation, Science and Industry released a voluntary code of conduct specific to generative AI. This GenAI code follows the proposed Artificial Intelligence and Data Act (AIDA), which was introduced as part of Bill…
US SEC charges SolarWinds and its CISO for alleged cybersecurity misstatements and controls failures
On October 30, 2023, the SEC announced charges against SolarWinds and its Chief Information Security Officer Timothy Brown.
Read our full analysis at www.nortonrosefulbright.com.
Special thanks to Law Clerk Ian Slingsby (Washington, DC) for his assistance in the…