Artificial Intelligence (AI) is driving new business opportunities across a growing number of industry sectors, including consumer goods and retail. Enticed by its transformative potential, companies are actively exploring, experimenting, and deploying AI solutions in business processes, products, and services and are finding ways to derive business value from it. The emergence of generative AI capable of human-like text that can analyze vast amounts of data and create new content has caught the public’s attention and turbocharged interest in potential use cases in the CG&R industry.
On 31 July 2023, the Smart Nation and Digital Government Office published the fourth annual update on the government’s personal data protection efforts, detailing the government’s measures to strengthen the public sector data security regime between 1 April 2022 and 31 March 2023.
By means of Resolution No. 44/2023, the Chief of Cabinet of Ministers: (i) approved the Second National Cybersecurity Strategy; (ii) created the Cybersecurity Management and Cooperation Unit; and (iii) established the functions of the Executive Unit of the National Cybersecurity Committee.
The National Broadcasting and Telecommunications Commission (NBTC) has recently released a new Notification on Measures to Protect the Rights of Telecommunications Service Users Related to Personal Data, Rights to Privacy, and Liberty to Communicate through Telecommunications (“Telecommunications Data Protection Notification”). This Telecommunications Data Protection Notification repealed and replaced the existing NTC (National Telecommunications Commission, now the NBTC) notification on data protection, which had been applicable to telecommunications business operators since 2006.
Following a five-year legislative process, India’s Digital Personal Data Protection Act (DPDP) received presidential assent on 11 August 2023. Practically speaking, the DPDP is not yet enforceable as the government still needs to establish the Data Protection Board of India (Board), which will serve as the enforcement authority for the law. The Board, in turn, must implement certain legally binding rules before the DPDP becomes fully operational.
The law addresses for the first time the processing of personal data via autonomous and semi-autonomous systems
In June 2023, the Office of the Privacy Commissioner for Personal Data issued an updated Guidance on Data Breach Handling and Data Breach Notifications (“Guidance”). The Guidance updates a non-binding, end-to-end framework for data users to tackle data breaches, including recommended elements that go into a data breach response plan, questions that need to be addressed in the course of investigating a data breach incident, how to make a data breach notification and tips for preventing recurrence of data breaches.
Baker McKenzie is pleased to invite you to a morning breakfast symposium exploring the legal ramifications of the Artificial Intelligence (AI) revolution on 11 October 2023 at 8:00 to 10:30 am ET. This event is ideal for corporate counsel and senior leaders responsible for managing the risks and leveraging the opportunities of the AI revolution, and for those wishing to learn more. It will take place in our Toronto office.
Over the past few years, regulators around the world have stepped up enforcement of privacy laws that protect minors online. All companies that offer online services may find themselves in possession of minors’ personal data. And so, companies that take part online should consider some general recommendations, especially in light of the growing body of youth online privacy and safety laws.
The proposed law which regulates the use of Artificial Intelligence in Brazil considers a risk-based approach inspired by the EU AI Act and looks at high, medium and low risk obligations and liabilities.