One of our recent posts discussed the uptick in AI risks reported in SEC filings, as analyzed by Arize AI. There, we highlighted the importance of strong governance for mitigating some of these risks, but we didn’t address the specific risks identified in those SEC filings. We discuss them briefly here as they are risks
Workplace Privacy, Data Management & Security Report
Blog Authors
Latest from Workplace Privacy, Data Management & Security Report
DOL Expands Fiduciary Obligations for Cybersecurity to Health and Welfare Plans
A little more than three years ago, the U.S. Department of Labor (DOL) posted cybersecurity guidance on its website for ERISA plan fiduciaries. That guidance extended only to ERISA-covered retirement plans, despite health and welfare plans facing similar risks to participant data.
Last Friday, the DOL’s Employee Benefits Security Administration (EBSA) issued Compliance Assistance Release…
The Spotlight Shines Even Brighter: New York Attorney General Publishes Guidance On Businesses’ Use Of Website Tracking Technologies
Organizations across the spectrum rely heavily on website tracking technologies to understand user behavior, enhance customer experience, and drive growth. The convenience and insights these technologies offer come with a caveat, however: They can land your organization in hot water if not managed in careful compliance with fast-evolving law.
Recent history is rife with litigation…
Out of Sync: Mitigating Data Privacy and Security Risks Stemming From Data Syncing Across Devices
With organizations holding more and more data digitally, there is an increased need to ensure data remains accessible across the organization at any given time. To that end, many organizations use tools that synchronize the organization’s data across various databases, applications, cloud services, and mobile devices, which involves updating data in real-time or at scheduled…
Can Your AI Model Collapse?
A recent Forbes article summarizes a potentially problematic aspect of AI which highlights the importance of governance and the quality of data when training AI models. It is called “model collapse.” It turns out that over time, when AI models use data that earlier AI models created (rather than data created by humans), something is…
Think About Why Fortune 500 Companies Are Citing AI Risks in Their SEC Filings
While the craze over generative AI, ChatGPT, and the fear of employees in the professions landing on breadlines in the imminent future may have subsided a bit, many concerns remain about how best to use and manage AI. Of course, these concerns are not specific to Fortune 500 companies.
A recent story in CIODive reports…
Update: Transfers under the Swiss-U.S. Data Privacy Framework
The Swiss Federal Council has added the U.S. to the list of countries with an adequate level of data protection. Effective September 15, 2024, U.S. organizations that certify to the Swiss–U.S. Data Privacy Framework (DPF) can commence receiving transfers of personal data from Switzerland without implementing additional safeguards.
While U.S. organizations were permitted to certify…
New Illinois Laws Address Use of Generative AI and Digital Likeness, Publicity Rights
Illinois continues to enact legislation regulating artificial intelligence (AI) and generative AI technologies.
- A little less than a year ago, Gov. JB Pritzker signed H.B. 2123 into law. That law, becoming effective January 1, 2024, expanded the state’s Civil Remedies for Nonconsensual Dissemination of Private Sexual Images Act to permit persons about whom “digitally altered
…
AI Regulation Continues to Grow as Illinois Amends its Human Rights Act
Following laws enacted in jurisdictions such as Colorado, New York City, Tennessee, and the state’s own Artificial Intelligence Video Interview Act, on August 9, 2024, Illinois’ Governor signed House Bill (HB) 3773, also known as the “Limit Predictive Analytics Use” bill. The bill amends the Illinois Human Rights Act (Act)…
Rhode Island Passes a Comprehensive Consumer Data Privacy Law
On June 25, 2024, Rhode Island became the 20th state to enact a comprehensive consumer data protection law, the Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA”). The state joins Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, and New Jersey in passing consumer data privacy laws this year.
The RIDTPPA takes effect on January 1,…