Privacy

CFA State AI & Privacy Update #4

 |  Blog Post

Welcome to the fourth installment of a newsletter from the Consumer Federation of America (CFA) tracking the latest news about how AI and personal data are used, abused, and regulated. The newsletter will take a break on 3/12 so next installment will be 3/26.

If you’re reading this and not subscribed, head to https://cfa.simplelists.com/ and on the list select the second from the top (“ai-privacy-updates (CFA State AI and Privacy Updates.)

Alright – let’s get into it:

STATE AI AND PRIVACY POLICIES

  • Virginia passed a comprehensive-ish AI law, one of the first states to do so. Unfortunately, it is full of loopholes, loose definitions, and more. (Pluribus)
  • New Mexico HB 60 is a strong and promising comprehensive bill with fewer loopholes and better definitions than Virginia and Colorado. (CFA Testimony in Support from Monday)
  • Connecticut SB 2 is the latest version of their comprehensive AI law that had enough support in the legislature to pass but had threats of veto from their Governor. An interesting big domino to watch.  (CT Mirror)
  • Massachusetts HD 3750 would regulate the use of AI to make decisions on health insurance claims. (MA Legislature)
  • One New York bill would require banks to do disparate impact tests yearly on automated decision-making systems for lending decisions. (NY Assembly)
  • Three bills in Colorado, Massachusetts and California, get at the growing environmental footprint of AI, forcing study and disclosure related to the energy used to create or use certain AI systems. (Ropes & Gray)
  • Maryland HB83 would require Generative AI companies to publish high level summaries of the data used to train their systems. This is a commonsense solution to a problem the AI companies have created. (Citizen Portal – warning, it’s an auto-generated article from the hearing)

RELEVANT NEWS

  • An investigation by WIRED illustrated how Google allows targeting of ads to “National Security Decision Makers” and People with Chronic Diseases among others, which are both immoral and against Google policy. (WIRED)
  • At the Federal level, House Energy & Commerce put out a “Request for Information to Explore Data Privacy and Security Framework.” We’ve been here before, with privacy laws introduced and studied and all that jazz for the last 20+ years. (House E&C Page)
  • President Trump’s dangerous EO last week is aimed at taking the independence away from independent enforcement agencies like the FTC, which as been the primary AI and privacy regulator in the last decade. My thoughts are in the linked article — “This EO targeting the independence of agencies including the FTC and the FCC will set back AI policy and hamper the crucial enforcement against illegal robocalls, discriminatory uses of AI, or straight-up lies about what an AI can do.”  (Inside AI Policy)
  • I wrote a piece in Tech Policy Press about how the Fickle Loyalties of Tech Oligarchs Intensifies the Dire Need for US Data Privacy, Competition, and AI Legislation. (Tech Policy Press)
  • Clearview AI, a famously evil company, has new leadership including Trump megadonor. Very concerning news for how government agencies will be further adopting this invasive tech. (The Record)

If you know anyone who might like this, encourage them to sign up here.