The California Privacy Protection Agency will soon take 15 days of comments on revised draft rules for implementing a data-deletion mechanism under the California Delete Act, the five-person CPPA board decided unanimously during a partially virtual meeting Thursday. The agency expects to extensively test the system to work out any kinks before data brokers start accessing it in August 2026, said General Counsel Philip Laird.
AI Privacy
AI privacy concerns are growing as copyrighted works and personal data are used to train, optimize and operate machine learning systems. From facial recognition to inference risks, AI applications often test the limits of existing privacy laws. Regulators worldwide are developing safeguards to govern data use, bias, transparency and consent in AI development. This page tracks legislation, regulatory frameworks and enforcement actions at the intersection of AI and data protection.
Large amounts of data are needed to train general-purpose AI models, but there's only limited information about the data's origin, the European Commission said Thursday.
The FCC’s efforts on the White House’s AI Action plan will involve a “team” principally run out of the Office of General Counsel, said Chairman Brendan Carr in a news conference Thursday. The agency will look at its authority to preempt state laws and proceed with “an open mind,” he added. The agency’s role will be “looking at ways that we can streamline or accelerate or potentially address barriers that may be in the way of the buildout of AI infrastructure.” Commissioner Anna Gomez said during her news conference Thursday that the Communications Act doesn't give the FCC authority over AI, and that the administration's actions against subsidizing the buildout of high-capacity fiber infrastructure will undermine the proliferation of AI. "What this administration is doing with the BEAD program is antithetical to the goals of this administration on AI," she said.
The California Privacy Protection Agency approved rules on automated decision-making technology (ADMT) and other subjects at a partially virtual meeting Thursday. CPPA Board members voted 5-0 to clear the rulemaking package, which also covers risk assessments, cybersecurity audits, insurance and updates to California Consumer Privacy Act (CCPA) regulations.
The California Privacy Protection Agency approved rules on automated decision-making technology and other subjects at a partially virtual meeting Thursday. CPPA Board members voted 5-0 to clear the rulemaking package, which also covers risk assessments, cybersecurity audits, insurance and updates to California Consumer Privacy Act (CCPA) regulations.
Proton said it’s adding a privacy-respecting AI assistant called Lumo to its email service. “With no logs kept and every chat encrypted, Lumo keeps your conversations confidential and your data fully under your control -- never shared, sold, or stolen,” Proton blogged Wednesday.
The EU General Data Protection Regulation gives people the right to human intervention in algorithmic decisions that affect them, the Dutch Data Protection Authority said Wednesday.
House Democrats on Wednesday filed legislation that would ban AI companies from using consumers’ personal data to set prices or wages, as expected (see 2507160067).
Delaware Gov. Matt Meyer (D) approved plans to develop an AI sandbox program, his office said in an emailed news release Wednesday.
With substantive data-protection provisions of the U.K. Data Use (and Access) Act 2025 (DUAA) beginning to apply near year's end, organizations should start monitoring new guidance from the Information Commissioner's Office (ICO), Robin Edwards, a member of the government's Department for Science, Innovation and Technology, said Wednesday during an IAPP webinar.