Privacy

CFA Privacy & AI Top 10: Location Data Sales Banned in Oregon, 23andMe Lawsuits, and Mythbusting the AI Moratorium

 |  Blog Post

Good morning!

Welcome to a newsletter from the Consumer Federation of America (CFA) tracking the latest news about how AI and personal data are used, abused, and regulated. As many state legislatures have now or are soon wrapping up their sessions, I will transition to a “top 10” things that you should know about Privacy & AI policy each two weeks.

Top 10:

  1. Oregon enacted a ban on the sale of precise geolocation data (!!) as well as the sale of data of minors under 16. They join Maryland and are the only two states with protections like this. (Consumer Reports)
  2. Colorado Governor Jared Polis vetoed a very simple bill that would ban rent-setting algorithms, like those that were subject to lawsuits from the DOJ and most Attorneys General including Colorado. He vetoed a record number of bills, and has increasingly cozied up to the tech industry. CFA published a blog urging him to sign it prior to the veto. (AP)
  3. New Jersey published a privacy rulemaking started by the passage of the NJ Data Privacy Act – it is a very specific and therefore enforceable set of rules that enacts real data minimization and data deletion requirements, sets a clear template for how data collection disclosures must be made, and more. Comments on it are open until August 1st. (New Jersey)
  4. 23andMe going bankrupt has led to significant concerns about how companies that collect extremely sensitive data can only promise you so much – and when they sell their business those promises are gone. There was a senate hearing with 23andMe leadership and 27 Attorneys General are suing to block the sale to Regeneron without consent of the consumers who have their data held. (The Record/6ABC Philadelphia)
  5. I published a blog with Sara Geoghegan from EPIC about how our health privacy is constantly threatened from common business practices throughout the industry. (CFA)
  6. Senators Booker, Welch, Schiff, and Padilla sent a letter to Meta demanding they investigate and limit the “blatant deception” of their chatbot characters that lie about being licensed therapists. This is an urgent issue that (404Media)
  7. Georgetown Center on Privacy and Technology is suing CBP and ICE about the aggressive opacity of a DNA collection program and database that the immigration enforcement agency has. (Georgetown CPT post)
  8. Former CFPB and FTC officials Seth Frotman and Sam Levine published an op-ed in a New York State paper making the case for the passage of the “FAIR Business Practices Act,” which would give the state the power to enforce unfair and abusive practices like the CFPB and many other states has. (Syracuse.com)
  9. I was honored to testify at the House Energy and Commerce Committee hearing on robocalls and robotexts, a tough issue that requires much more focus and resource from enforcement agencies. (CFA written testimony|Broadband Breakfast)
  10. I published a “mythbusting” breakdown of the issues and arguments surrounding the state AI moratorium proposed in the budget at the federal level with Kara Williams of EPIC. (Tech Policy Press)

If you know anyone who might like this, encourage them to sign up here.

Thanks so much for reading. Until next time,

Ben Winters