ai

Subscribe to ai via RSS

Key Changes to Upcoming AI, Risk Assessment, and Cybersecurity Regulations

On May 1, 2025, the California Privacy Protection Agency (CPPA) Board met again to discuss updates to the latest draft California Consumer Privacy Act (CCPA) regulations related to automated decision-making technology (ADMT), cybersecurity audits, risk assessments, and an assortment of other updates to existing regulations. These latest updates come after the CPPA first released draft regulations on these topics in July 2024 and initiated the formal rulemaking in November 2024, as analyzed in a prior alert. In April 2025, the Board continued to grapple with public concerns and received hundreds of public comments on the prior draft regulations, an analysis of which can be found in this recent client alert. At the CPPA meeting last week, CPPA staff proposed significant changes to the prior draft, on which the Board provided more feedback and agreed to open the regulations for public comment as soon as this week and closing June 2, 2025.Continue Reading CPPA Board Opens Draft Regulations for Public Comment

On February 4, 2025, the European Commission (EC) issued draft guidelines clarifying the AI practices that are prohibited under the European Union’s (EU) Artificial Intelligence (AI) Act. While non-binding, the guidelines offer valuable clarifications and practical examples to help businesses navigate their obligations under the AI Act. The EC has approved the draft guidelines, but is still to formally adopt them, which is expected in the near term.Continue Reading EU Commission Issues Guidelines on Prohibited AI Practices Under EU AI Act

On February 2, 2025, the European Union’s (EU) Artificial Intelligence Act (AI Act) will start to apply in phases. This alert summarizes the new obligations that will apply as of February 2, 2025. It also indicates when companies can expect the first enforcement actions, and what the enforcement regime will look like. For more information about the scope and requirements of the AI Act, please see our 10 Things You Should Know About the EU AI Act.Continue Reading The EU’s AI Act Starts to Apply as of February 2, 2025

On December 18, 2024, the European Data Protection Board (EDPB) published its much-anticipated Opinion on the processing of personal data in the context of AI models in light of the EU General Data Protection Regulation (GDPR).Continue Reading EU Privacy Regulators Confirm That Legitimate Interest Is a Valid Legal Basis for AI Model Training and Deployment

California’s 2024 legislative session has been marked with exciting developments and a clear focus on setting the rules of the road for artificial intelligence (AI), with some measures becoming law and others stalling out along the way. Last month, Governor Newsom signed 17 bills regulating AI in the Golden State. Notably, Governor Newsom vetoed SB 1047, which would have imposed safety requirements on developers of large models to avoid certain harms. In vetoing the bill, Governor Newsom noted that it was not comprehensive or precise enough, improperly focused on large models even though small ones could present similar risks, and did not take into account whether an Al system is deployed in high-risk environments, involves critical decision-making, or uses sensitive data. Newsom’s veto also represents a big win for the numerous industry members, politicians, and academics who lobbied against the bill, arguing that its passage would stifle innovation in the space. Nevertheless, the AI bills Newsom did sign are expected to have wide-ranging impacts on the AI industry. A summary of those bills is below.Continue Reading Governor Newsom Signs (and Vetoes) Major California AI Legislation

The Federal Communications Commission (FCC) recently issued a unanimous Notice of Proposed Rulemaking and Notice of Inquiry targeting the use of AI-related technologies for communicating with consumers.1 In the proposed rule, the FCC seeks to impose a broad definition for AI technologies subject to the requirements of the Telephone Consumer Protection Act (TCPA). Companies using technology falling within the FCC’s proposed definition would be required to make certain disclosures under the TCPA to notify consumers that they are communicating with AI-technology. This proposal is the latest move by the FCC to tackle its largest source of consumer complaints: unwanted and illegal robocalls and robotexts.2 The proposed new rule may require companies to modify their current approach in engaging with consumers through AI-generated calls and/or texts, including potentially altering their current practices in collecting consent where necessary.Continue Reading FCC Issues Notice of Proposed Rulemaking Regarding the Use of AI-Generated Technologies for Consumer Communications

The Artificial Intelligence Act (AI Act) is the first comprehensive legislation that intends to regulate AI horizontally across all sectors in Europe. It will have far reaching consequences on all companies developing, implementing, or using AI solutions in the EU and beyond. These FAQs provide key information you should know before the AI Act is adopted, and some tips on what you can already be doing to prepare. To learn more, click here to read Wilson Sonsini’s updated FAQs.”Continue Reading Updated: 10 Things You Should Know About the EU Artificial Intelligence Act