As we outlined in our previous blog article, California recently became the second state to enact a law safeguarding consumer brain data, following a similar law passed by Colorado in April. Both state laws prevent the sale or unauthorized sharing of data generated by consumer neurotechnology products. Under these new state privacy laws, companies
Colorado
Colorado’s First of its Kind Consumer Protections for Artificial Intelligence
On May 17, 2024, Colorado Governor Jared Polis signed, “with reservations,” Senate Bill 42-205, “Concerning Consumer Protections in Interactions with Artificial Intelligence Systems” (the Act). The first of its kind in the United States, the Act takes effect on February 1, 2026, and requires artificial intelligence (AI) developers, and businesses that use high-risk AI systems…
Privacy Tip #394 – Colorado Amends Privacy Law to Include Neurodata
Colorado Governor Jared Polis signed H.B. 24-01058 into law on Wednesday, April 17, 2024. The law amends the definition of personal information protected by the state’s privacy law to include protections for data generated by activity in the nervous system. The intent of the law is to require companies that collect, use, and disclose consumers’…
Universal Opt-Out Mechanism for Consumers in Colorado
Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The CPA requires businesses to provide consumers with an option to opt-out of the sale of their personal information or sharing…
Controversial ‘Keyword Search’ Warrant Leads to Arrests in Murder Case
This week, the Colorado Supreme Court upheld a criminal conviction which relied in part on evidence obtained pursuant to a warrant for Google search data. People v. Seymour, 2023 CO 53 (Oct. 16, 2023) (available at http://www.courts.state.co.us).
In investigating the cause of a 2020 apparent arson fire at a Denver residence which resulted…
CPRA Enforcement Postponed to March 2024
This week, the California Superior Court ruled that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act (CPRA) until March 2024. The ruling stems from a lawsuit filed by the California Chamber of Commerce which argued that state businesses would not have enough time to prepare for the upcoming…
Colorado AG Updates Draft Rules for Colorado Privacy Act
Colorado Attorney General Phil Weiser’s office recently published an updated version of the draft rules governing the Colorado Privacy Act, which goes into effect on July 1, 2023. The updates build upon the original draft rules published on October 10, 2022, and are based on input received by the AG’s office through December 2, 2022.…
Cyber-Attack Disrupts Public Services in Fremont County, Colorado
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity event affecting our county computer systems.”
As of the official update issued August 24, 2022, “all of the county’s buildings remain closed. This includes administration and public health buildings.”
The update reveals how difficult it…
Colorado Law Restricts Use of Facial Recognition Technology by Government Agencies
Ramping up its continued focus on data privacy, on June 8, 2022, Colorado Governor Jared Polis signed into law legislation aimed to limit the use of facial recognition technology by government agencies and state institutions of higher education.
The legislation, SB 113, requires an agency – defined as “an agency of the state government…
Connecticut’s Privacy Law Signed by Governor
Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive federal privacy legislation. Connecticut follows in the steps of Nevada, California, Virginia, Colorado and Utah in enacting its…