On May 8, 2024, Colorado’s legislature enacted “An Act Concerning Consumer Protections in Interactions with Artificial Intelligence Systems” (SB205), a state law that comprehensively regulates the use of certain “Artificial Intelligence (AI)” systems.[1] The law is aimed at addressing AI bias, establishing a requirement of human oversight throughout the life cycle of
Colorado
June 7-9 | Rocky Mountain Information Security Conference
Greenberg Traurig Data Privacy & Cybersecurity attorneys David A. Zetoony, Co-Chair of the U.S. Data Privacy and Cybersecurity Practice, and Andrea C. Maciejewski will participate in the Rocky Mountain Information Security Conference June 7-9 in Colorado. On June 7 at 8:00 a.m. MDT, David and Andrea will present the International Privacy Law Update during…
Understanding the Differences in State Privacy Laws: How Is Geolocation Information Defined?
Several modern state data privacy statutes refer to precise geolocation information as a “sensitive” category of personal information. What constitutes precise geolocation information differs slightly between and among states. The following table provides a side-by-side comparison of the how the states have defined the term.
Click here for a side-by-side comparison of the how the |
…
Understanding the Differences in the State Privacy Laws: What Is Publicly Available Information?
Most modern state data privacy laws exempt from their definition of personal information “publicly available information.” What constitutes publicly available information differs between state privacy laws and may not correlate to the lay definition understood by many businesses and individuals. For example, while some businesses may consider information available on the internet “publicly available information…
Understanding the Delta Among State Privacy Statutes: Jurisdictional Triggers
Modern state privacy laws have attempted to carve out organizations that process de minimis amounts of personal information, or whose business activities do not monetize data. The specific thresholds used, however, differ between states. The following provides a comparison of the thresholds that each statute creates for organizations that are subject to regulatory compliance obligations:…
Under the Colorado Privacy Act, will companies be required to offer consumers the ability to opt out of behavioral advertising if they have already received opt-in consent?
The Colorado Privacy Act, which is scheduled to go into effect in 2023, states that a consumer “has the right to opt out of the processing of personal data” for the purposes of “targeted advertising.”1 Unlike other state statutes, such as the CPRA, the Colorado Privacy Act does not contain an exemption for situations…
Oct. 21 Webinar | New Colorado Privacy Law, Effective July 2023: What Attorneys Need to Know
On Thursday, Oct. 21, David A. Zetoony, Co-Chair of the U.S. Data Privacy and Cybersecurity practice, will present the webinar “New Colorado Privacy Law, Effective July 2023: What Attorneys Need to Know.” On July 7, 2021, Colorado officially became the third state to pass broad consumer privacy legislation when Gov. Jared Polis signed the…
July 20 Webinar | The Colorado Privacy Act: What You Need to Know & How to Prepare
Join GT’s David Zetoony and Truyo’s Dan Clarke on Tuesday, July 20 at 11 a.m. EST (8 a.m. PST) for a webinar on the Colorado Privacy Act, the last state legislation to pass. The webinar will explore what the legislation entails and how you can prepare for the Colorado Privacy Act effective date.
Get…
Financial institution confusion: Are financial institutions fully exempt from the CCPA, CPRA, VCDPA, and CPA?
The Gramm–Leach–Bliley Act (GLBA) and its implementing regulations impose privacy requirements when financial institutions collect “nonpublic personal information about individuals who obtain financial products or services primarily for personal, family, or household purposes.”[1] GLBA does not apply, however, when a financial institution collects information about individuals “who obtain financial products or services for business,…
The Colorado Privacy Act: How Does it Stack Up Against the VCDPA?
Colorado is the third state, after California and Virginia, to get a comprehensive data privacy statute through its legislature. While the Colorado Privacy Act (CPA) awaits signature by Gov. Polis, businesses are assessing to what extent the CPA will impact their privacy programs.
The following provides a high-level cross-reference to help companies compare and contrast…