![Photo of David Stauss [Former Attorney]](https://lexblogplatform.com/wp-content/uploads/sites/631/userphoto/7147-1572288796.jpg)
Keypoint: Although not nearly as far-reaching as the Colorado AI Act, the Illinois law adds to the growing patchwork of state laws that regulate artificial intelligence.
On August 9, Illinois Governor J.B. Pritzker signed HB 3773 into law. The bill, which goes into effect January 1, 2026, amends the Illinois Human Rights Act to regulate the use of artificial intelligence in certain employment settings. In the below article, we provide a summary of the law and its provisions.
Keypoint: The appellate court ruled that the California Age-Appropriate Design Code Act’s impact assessment provision is unconstitutional and remanded the case back to the trial court to consider the constitutionality of the other challenged provisions.
On August 16, the Ninth Circuit Court of Appeals issued an opinion in NetChoice v. Bonta on the constitutionality of California’s Age-Appropriate Design Code Act (AADC). The appellate court affirmed the district court’s decision in part and vacated it in part. The appellate court affirmed the district court’s ruling that NetChoice was likely to succeed in showing that the AADC’s data protection impact assessment requirement violates the First Amendment. Based on that ruling, the appellate court affirmed the district court’s decision to enjoin enforcement of that requirement. The appellate court vacated the remainder of the district court’s ruling, determining that it is unclear from the record whether the remaining provisions of the AADC challenged by NetChoice violate the First Amendment. The appellate court remanded the case to the district court to consider the constitutionality of those provisions and whether the law’s unconstitutional provisions are severable from the remainder of the law.
In the below article, we provide an overview and analysis of the Ninth Circuit’s ruling.
Keypoint: Companies onboarding AI products and services need to understand the potential risks associated with these products and implement contractual provisions to manage them.
With the rapid emergence of artificial intelligence (AI) products and services, companies using these products and services need to negotiate contractual provisions that adequately address the unique issues they present. However, given that this area is new and rapidly emerging, companies may not appreciate that the use of AI may raise unique contractual issues. Even if companies do realize it, they may not know what those provisions should state. In addition, many AI-related contractual terms are complicated and confusing, oftentimes containing new terms and definitions that companies are unfamiliar with handling.
In the below article, we identify key considerations when reviewing or preparing AI-related contracts. Although there may be other considerations depending on the specific use case, the below considerations should provide the reader with a useful starting point for how to address this issue.
Keypoint: Last week, several privacy and AI bills passed out of committee (with some receiving amendments) while two bills died in committee.
We are currently tracking thirteen privacy and AI-related bills that previously crossed chambers prior to the legislative deadline. With the California legislature closing on August 31, we will be providing weekly updates on the progress of these bills.
Keypoint: Last week, the California legislature returned from its summer recess and began moving forward with privacy and AI legislation prior to the August 31 session closing date.
We are currently tracking thirteen privacy and AI-related bills that previously crossed chambers prior to the legislative deadline. With the California legislature closing on August 31, we will be providing weekly updates on the progress of these bills.
Keypoint: The amendment limits claims and updates the definition of written release.
On August 2, 2024, Illinois Governor J.B. Pritzker signed SB 2979 into law. The bill amends the Illinois Biometric Information Privacy Act (BIPA) to limit the number of claims that can be brought under the law’s private right of action and updates the law’s definition of “written release” to include “electronic signature.” The below article provides a summary of the two changes.
Keypoint: Although New York lacks a consumer data privacy law, the New York Attorney General’s office has taken the position that New York’s consumer protection laws require entities to implement certain tracking technology practices.
In mid-July the New York Attorney General’s office published a Guide for Website Privacy Controls in which the office identifies “mistakes we found businesses making when deploying tracking technologies.” The guidance acknowledges that New York lacks a consumer data privacy law that regulates online tracking technologies, but takes the position that “New York’s consumer data protection laws . . . , which prohibit businesses from engaging in deceptive acts and practices, effectively require that websites’ representations concerning consumer privacy be truthful and not misleading.” According to the Attorney General, this “means that statements about when and how website visitors are tracked should be accurate, and privacy controls should work as described.”
In the below article, we provide a brief overview of the guidance and some key takeaways.
Keypoint: The Texas Attorney General reached a $1.4 billion settlement with Meta over its alleged violations of Texas’ biometric privacy law.
On July 30, 2024, the Texas Attorney General announced that it has reached a $1.4 billion settlement with Meta over its alleged violations of Texas’ “Capture or Use of Biometric Identifier” Act (CUBI). The Attorney General’s press release represents that the settlement, which arises out of a 2022 complaint, is the first under CUBI. It also represents that the settlement “is the largest privacy settlement an Attorney General has ever obtained.”
In the below article, we provide a brief overview of CUBI and the underlying allegations in the complaint.
Keypoint: The California legislature has many pending privacy and AI-related bills to consider before it closes on August 31.
The California legislature left for its summer recess on July 3 and will reconvene on August 5. Once it returns, the legislature will have twenty-six days to pass bills before it recesses for the year on August 31.
In the below article, we identify and briefly summarize the pending privacy and AI bills and where they stand in the legislative process. The bills cover a wide range of topics, including kid’s privacy, opt-out preference signals, neural data, and algorithmic discrimination. All together, we are tracking fourteen bills, one of which was signed into law on July 15. The remaining thirteen bills all passed through their chamber of origin prior to the May 24 deadline and are at various stages of consideration in the opposite chamber.
Keypoint: The settlement, which includes a $500,000 fine and injunctive relief, arises out of alleged violations of the CCPA’s children’s privacy provisions and COPPA.
On June 18, 2024, the California Attorney General announced it had reached a settlement with an online gaming company, resolving allegations that the company violated the California Consumer Privacy Act (CCPA) and federal Children’s Online Privacy Protection Act (COPPA) “by collecting and sharing children’s data without parental consent in their popular mobile app game ‘SpongeBob: Krusty Cook-Off.’” The Attorney General’s complaint and settlement were pursued in connection with the Los Angeles City Attorney’s office.
In the below article we provide a brief overview of the settlement.