Esparza v. Kohl’s, Inc., confirms that sharing electronic data with third-party applications or service providers without the website visitor’s consent creates a risk of lawsuits and potential liability for website defendants in states that require all parties to consent to interception of communications.
On 26 April 2024, the Brazilian Data Protection Authority (ANPD) published the Resolution CD/ANPD no. 15 which approved the Regulation on Notification of Security Incident (“Regulation”). Such Regulation sets forth the mandatory procedures that data controllers must follow when notifying security incidents to ANPD and personal data subjects.
According to Law No. 13,709/18 (Brazilian General Data Protection Law, or LGPD), the controller must notify the occurrence of a security incident that may give rise to relevant risk or damage to data subjects not only to ANPD, but also to the data subjects.
The Canadian Competition Bureau (“Bureau”) has announced a significant initiative to explore the effects of artificial intelligence (“AI”) on competition in Canada. On 20 March 2024, the Bureau published a discussion paper, entitled “Artificial intelligence and competition” (“Discussion Paper”), and has requested feedback from the public. The Bureau is seeking to better understand how AI can affect competition in Canada. Submissions are due by 4 May 2024.
On 4 April 2024, the Minister for Communications opened consultation on significant and comprehensive stage two reforms to the National Classification Scheme (“Scheme”). The Scheme is comprised of a number of laws and regulatory instruments – together, operating as a regulatory framework for classifying films, certain publications and computer games under cooperative arrangements between the Commonwealth, and the States and Territories. In addition, the Scheme directly underpins the online content scheme in Part 9 of the Online Safety Act 2021 (Cth) (“OSA” ) and informs elements of the broadcast television self-classification requirements in place under industry codes of practice under the Broadcasting Services Act 1992 (Cth).
On 21 March 2024, the United Nations General Assembly adopted Resolution A/78/L.49 on “Seizing the opportunities of safe, secure and trustworthy artificial intelligence systems for sustainable development”. This marks the first-ever resolution adopted by the United Nations (UN) on the matter of artificial intelligence (AI) and is therefore a milestone in its governance. Although the resolution has no immediate binding effect, its content will further guide the regulatory development of AI technologies on the national and international level in the years to come and marks a step in the “race to AI regulation”.
On 26 March 2024, the Australian Senate resolved to establish the Select Committee on Adopting Artificial Intelligence (“Committee”) to inquire into and report on the opportunities and impacts arising out of the adoption of AI technologies in Australia.
The Committee’s inquiry provides an important opportunity for Australian companies to shape the future direction of Australia’s AI-related regulatory reforms as the Government continues to formulate its position on the regulation of AI.
By means of Decree No. 302/2024, published in the Official Gazette on 10 April 2024 (“Decree”), the National Executive Branch (PEN for its acronym in Spanish) has amended Argentine Digital Law No. 27,078 and repealed Decree No. 690/2020.
The Decree’s main purpose is to free the market and to develop Information and Communication Technology Services, allowing licensees to freely set prices, which shall be fair and reasonable; cover the operation costs; and aim at efficient provision and a reasonable operating margin.
The Thailand Board of Investment (BOI) grants investment promotions for the development of software, digital platforms, or digital content. Previously, minor developments or modifications did not qualify for investment promotion from the BOI, and the BOI maintained a negative list of activities that did not qualify as development. However, on 15 March 2024, the BOI issued a new notification announcing a new promoted activity: the modification of software, digital platforms, or digital content.
The Data Privacy Act provides that a personal information controller (PIC) must implement reasonable and appropriate organizational, physical and technical measures intended for the protection of personal information against accidental or unlawful destruction, alteration and disclosure, as well as against any other unlawful processing. The PIC shall also protect personal information against natural dangers and human dangers. For this purpose, the National Privacy Commission (NPC) recently issued NPC Circular No. 2023-06 (“Circular”), which sets out the updated minimum requirements for the security of personal data.
Proposed licensing of social media and internet messaging services providers and a new draft bill on digital safety – these are some of the recent updates in the online content space for Malaysia.