Kathrin Gardhouse

In mid-January 2024, Australia’s Minister for Industry and Science, Ed Husic, unveiled the government’s response to the Safe and Responsible AI in Australia consultation. The response, shaped by feedback from last year’s consultation on Australia Ai regulation, incorporates over 500 submissions from individuals as well as businesses. These submissions expressed enthusiasm for AI tools’ potential … Read more

On March 13, the European Parliament crossed another and (almost) the last hurdle for the EU AI Act to come into force. Anticipated to become law by May or June, it will see its provisions phased in: six months later, countries will be mandated to ban prohibited AI systems; one year later, regulations for general-purpose … Read more

In the age of rampant AI development, data protection laws are no longer a tick-box exercise but a cornerstone of responsible technology usage. The GDPR is undoubtedly the leader in this movement. Until recently, the legislative landscape in Canada, however, had been relatively uneventful for years. Quebec is now shaking things up! Its recently enacted … Read more

We asked ChatGPT five privacy questions covering the GDPR, HIPAA, and US and Canadian private sector privacy laws and evaluated its responses. We didn’t go easy on it, but ChatGPT hit it out of the park except, in two cases, when asked to provide accurate links to its resources. However, the resources were still easily … Read more

Although they hardly need an introduction, Salesforce is a cloud-based customer relationship management (CRM) service that allows businesses to efficiently connect with their customers, find prospects, close deals, automate marketing, develop apps, and analyze their data to draw out valuable insights. In this article we explore whether Canadian businesses subject to Quebec’s private sector privacy … Read more

After a political deal had been reached on December 8, 2023, we now have an unofficial draft of the EU AI Act. There are two versions available online, one posted by Euractiv Technology Editor Luca Bertuzzi which compares the Commission Proposal, the European Parliament’s revisions, the version of the Council, and lastly the Draft Agreement. … Read more

The California Consumer Privacy Act (CCPA) has been in effect since January 1, 2020, and it has impacted the way businesses collect, use, and protect consumers’ personal information considerably. Just over 9 months later, California voters approved Proposition 24, the California Privacy Rights Act (CPRA), which amends the CCPA and strengthens California’s data privacy laws … Read more

In the US, there is, as of yet, no comprehensive federal privacy legislation, but there is a federal agency, the Federal Trade Commission (FTC), that is at the forefront of notable enforcement actions. In the absence of comprehensive federal privacy law, the FTC relies for its privacy enforcement actions on acts that are either narrowly … Read more

On December 8, 2023, the European Parliament, European Commission, and Council of the EU reached a significant political agreement concerning AI regulation. An analysis of the unofficial final draft is forthcoming, but in the meantime, it is important to note key developments. The primary issue under consideration was whether to regulate the technology behind AI … Read more

In the contemporary landscape of health information technology, the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule sets a national standard for the protection of individuals’ medical records and other protected health information (PHI). The HIPAA Privacy Rule allows for health information to be de-identified using two methods: the Safe Harbor method, which requires … Read more