Search for:

Cybersecurity, Data and Tech


The Hungarian Government has published a new draft decree, which, once adopted, will establish new fines for failure to provide data, either within the deadline or at all, that is necessary for the registration of organizations under Act XXIII of 2023 on Cybersecurity Certification and Cybersecurity Supervision (“Cyber-certification Act”), which is the Hungarian transposition of the NIS2 Directive [Directive (EU) 2022/2555]. For numerous organizations, the above-mentioned deadline was 30 June 2024.

Following the publication of the proposed Framework in January 2024 and the feedback received from various stakeholders, the finalized Model AI Governance Framework for Generative AI was released on 30 May 2024 by the Infocommunications Media Development Authority (IMDA) and AI Verify Foundation. The Framework expands upon the Model AI Governance Framework last updated in 2020.

On 11 June 2024, the minister of the Ministry of Science and Technology of Vietnam issued Decision 1290/QD-BKHCN providing guidance on principles for researching and developing responsible artificial intelligence (AI) systems (“Decision”). This Decision, which came into effect immediately upon issuance, is included with Version 1.0 of the Guide on Principles for Researching and Developing Responsible AI Systems (“Guide”). It is essential to highlight that the Guide is established as a voluntary standard rather than a mandatory rule.

Articles about artificial intelligence appear daily in many legal publications — including this one. But, on 28 May, US Circuit Judge Kevin Newsom of the US Court of Appeals for the Eleventh Circuit wrote a concurring opinion in Snell v. United Specialty Insurance Co. for the specific purpose of floating an idea about how judges might use generative AI.

In June 2024, the New York Assembly passed two bills that, if signed by the Governor, will impose extensive new requirements on companies operating in the state to enhance online protections for children. The first is the New York Child Data Protection Act, which imposes data minimization, consent and data processor agreement obligations on online services operators that actually know they collect minors’ personal information or target their services at minors. The second is the Stop Addictive Feeds Exploitation (SAFE) for Kids Act, which prohibits online service operators from providing minors with “addictive feeds” absent parental consent.

The National Privacy Commission issued a press release on 5 June 2024 to “sternly” warn businesses processing personal information that it will issue show cause orders in the case of non-compliance with the Data Privacy Act of 2012 and relevant NPC issuances, particularly NPC Circular No. 2022-04, which outlines the registration framework for data processing systems and data protection officers.

Federal regulatory agencies have prioritized enforcement efforts that target the mishandling of data by companies that store and monetize large amounts of personal or sensitive information. This issue cuts across multiple regulatory areas which has prompted increased coordination between federal agencies. Notably, on March 26, 2024, the US Federal Communications Commission, Consumer Financial Protection Bureau, and the Federal Trade Commission, publicized a coordinated effort to increase their technological capabilities to address privacy and competition concerns related to the use of data.