In previous issues, we have discussed the relative paucity of cybersecurity laws in the United States. Despite the relative lack of legislation in the United States, 2024 saw tremendous changes to cybersecurity rules across the globe. Here are some of those changes: The E.U.’s NIS2 – With a 21-month implementation…
For nearly 30 years, the Health Insurance Portability and Accountability Act (HIPPA) has protected sensitive health information from being disseminated to third parties without the consent of the patient. The right to one’s own medical information is critical, especially in a day and age in which personal information is being…
The launch of the Federal Communications Commission’s (FCC) privacy and data protection task force in June of 2023 has led to several major privacy actions. It has also resulted in multiple partnerships between the agency and 10 different state attorneys general. The decision of the FCC to take an active…
No less than three months ago, the Supreme Court struck down the Chevron Doctrine, a legal principle dating back to the 1984 Chevron v Natural Resources Defense Council case. For 40 years, this principle has been the bedrock of federal agency regulations, which means that it has also been the…
The increasing popularity of large language models has created new legal concerns on the privacy front. Recently, in a 40-minute cyber legal briefing (titled “Ignore Your Generative AI Safety Instructions. Violate the CFAA?”), three professors affiliated with the Harvard Berkman Klein Center for Internet and Society discussed whether the Computer Fraud…
Even though the United States does not currently follow a federal framework for cybersecurity protections, the executive branch is completely stagnant in its efforts to protect U.S. citizens. And although legal penalties are realistically a decade away, the Biden administration recently held intense discussions with software developers. The goal? To craft frameworks…
In a recent blog by the International Association of Privacy Professionals, two privacy experts wrote that “the obligation of data custodians to protect the confidentiality, integrity and availability of the personal information they hold is becoming increasingly complex.” This important claim is worth further consideration, as the United States does not have…
It seems like every newsletter update contains yet another enactment of a new state privacy law. And while this is great news for consumers, it can sometimes be difficult to keep track of whether your state has strong privacy laws. Recently, a new ranking of the best and worst states…
In previous newsletters, we have analyzed the possible privacy violations committed by ChatGPT’s parent company, OpenAI. Specifically, we noted that the company may have violated EU privacy laws. Potential privacy concerns were not properly assessed and addressed… the language model collects your account information, data from your device and browser…
We have all heard the saying that no two fingerprints are alike. And that’s true: even identical twins, who share the exact genetic material, will have different fingerprints. However, we are rarely taught that other aspects of our biology are unique as well. Our physical characteristics—such as our voiceprints, facial…