Data Protection Leader magazine provides valuable insights into the evolving landscape of data protection and AI regulation. From UK data protection reform to the EU AI Act and new state privacy laws in the US, this edition offers practical advice and expert analysis to help organizations navigate complex regulatory environments. The July 2024 issue of Data Protection Leader explores key issues surrounding the EU AI Act, state privacy laws in Florida, Oregon, and Texas, and the revised NIST Cybersecurity Framework (CSF) 2.0.

A Blueprint for UK Data Protection and AI Regulatory Policy

Eduardo Ustaran, Partner at Hogan Lovells, examines the future of data protection reform and AI-specific regulation in the UK. With the previous government’s Data Protection and Digital Information bill seemingly abandoned, the focus shifts to the new Labour Government’s priorities. Ustaran highlights the importance of maintaining the UK's data protection regime while considering subtle yet meaningful tweaks to enhance economic growth. He focuses on the need for regulation that balances safety, fairness, and effectiveness without stifling innovation.

EU AI Act: Top Tips for Vendor Management

Brian McElligott, Partner at Mason Hayes & Curran LLP, provides insights on managing AI vendors in compliance with the EU AI Act, effective from August 2024. The Act introduces a comprehensive legal framework for AI systems, drawing particular attention to transparency, accountability, and human oversight. McElligott outlines critical considerations for vendor management, including regulatory compliance, data privacy, technical robustness, and emerging issues such as interoperability and sustainability. He offers practical tips for contracting with AI vendors, ensuring compliance with high-risk AI systems, and adapting to the evolving regulatory landscape.

Florida, Oregon, and Texas: New Privacy Laws Turning Up the Heat

Laura Lemire, Of Counsel at Schwabe, Williamson & Wyatt, P.C., discusses the new state privacy laws in Florida, Oregon, and Texas that took effect on July 1, 2024. These laws introduce unique requirements and expand the number of businesses subject to comprehensive privacy regulations. Lemire details the commonalities and differences between these laws and existing state privacy laws, such as the California Consumer Privacy Act (CCPA). She highlights the significant impact of the Oregon Consumer Privacy Act (OCPA), the unique applicability provisions of the Florida Digital Bill of Rights (FDBR), and the specific requirements of the Texas Data Privacy and Security Act (TDPSA). Lemire also provides insights into the enforcement mechanisms and what organizations can expect in the coming months.

Beyond the Cookie Jar: Emerging Alternatives to Third-Party Cookies

Iain Borner, CEO at The Data Privacy Group, explores the shift away from third-party cookies due to growing privacy concerns. With major browsers phasing out third-party cookies, companies are exploring alternative methods for gathering user data and delivering targeted advertisements. Borner examines the privacy implications of these new methods, such as first-party cookies, contextual advertising, and browser fingerprinting. He discusses the trade-offs and privacy risks associated with these alternatives and emphasizes the need for transparency and consent in data collection practices.

NIST CSF 2.0: What’s New and How to Use It

Alex Sharpe, Principal at Sharpe Management Consulting LLC, delves into the updated NIST Cybersecurity Framework (CSF) 2.0, which treats cybersecurity as a business discussion. The revised framework reflects the modern enterprise and threat landscape, highlighting leadership’s role in managing cyber risks. Sharpe outlines the key changes in CSF 2.0, including the introduction of the Governance function and the updated process for creating organizational profiles. He provides practical guidance for using the CSF to manage cybersecurity risks and foster informed decision-making.

Follow OneTrust DataGuidance on LinkedIn to keep up to date with the latest regulatory news, webinars, and resources