In honor of Data Privacy Day (January 28th), we present our top 10 data privacy and cybersecurity predictions for 2024.
- AI regulations to protect data privacy.
Automated decision-making tools, smart cameras, wearables, and similar applications that leverage technology commonly referred to as “artificial intelligence” or “AI” will continue to expand in 2024, protecting personal privacy and secure data upon deployment. Regulations are also expected to expand. Those technologies.Last year, we created a comprehensive Executive order from the Biden administrationthe New York City AI Law goes into effect and the following states will take effect: Connecticut passes law regarding state use of AI. Already in 2024, several states have introduced proposed AI regulations, including: New York developing AI Bill of Rights.
The use of “generative AI” has also exploded as several industries seek to leverage its benefits while managing risks. For example, in healthcare, AI and HIPAA When it comes to maintaining the confidentiality of protected health information, you don’t have to mix and match. Moreover, generative AI is not only used for good purposes. Criminals are stepping up phishing attacks against the healthcare industry.
- The patchwork of state privacy laws continues to grow.
In 2023, seven states added comprehensive consumer privacy laws. Several other states have also enacted more restrictive privacy laws covering social media and health-related data. The expansion is expected to continue in 2024. Already in 2024, new jersey New Hampshire also passed its own consumer privacy law, which is expected to go into effect in 2025. New Hampshire is also not far behind in terms of the likelihood of passing the law.
- Children’s data protection will expand.
In 2023, several states passed or considered data protection bills for minors amid growing concerns that the Children’s Online Privacy Protection Act (COPPA) does not do enough to protect children’s data. connecticut Additional protections for minors’ data were added in 2023.
In 2024, the Federal Trade Commission (FTC) Notice of Proposed Rulemaking Regarding COPPAIn addition, several states have proposed legislation to protect children’s online privacy.
- The need for cybersecurity audits to protect data will continue to grow.
As privacy laws become stronger, companies need to start protecting the data they collect and maintain. The importance of conducting cybersecurity audits to ensure policies and procedures are in place.
In 2023, California Department of Privacy Protection Considers Regulations on Cybersecurity Auditsof s. SEC and F.T.C. Expanded reporting requirements for security breaches, audits, incident response plans, and tabletop exercises to avoid such incidents have become even more important.
It is expected that further regulations and laws will be enacted that force companies to consider cybersecurity to protect individual privacy.
- Protection of genetic and health data will continue to increase.
In 2023, nevada and Washington We passed the Health Data Privacy Act to protect data collected outside of HIPAA. Montana passes genetic information privacy law.This year too nebraska It is promoting its own genetic information privacy law. Concerns about health and genetic data are likely to grow, along with other privacy concerns, and so will laws and regulations. Illinois has also seen a significant increase in class action lawsuits under state law. Genetic Information Privacy Act (GIPA). GIPA was similar to the state’s Biometric Information Privacy Act (BIPA) and had nearly identical relief provisions, except that the statutory damages were higher than his BIPA.
- Ongoing enforcement measures for data security.
As laws and regulations strengthen, so too do enforcement actions. Many state laws and city ordinances only allow government enforcement, but these groups will begin enforcing their requirements to ensure businesses have an incentive to comply. In 2023, New York State Attorney GeneralContinue to proactively enforce data security requirements.
- HIPAA compliance will continue to be difficult as it overlaps with cybersecurity.
In 2023, the Office of Civil Rights (OCR), which enforces HIPAA, discussed the issue of motoring. Cybersecurity and HIPAA Compliance similarly Other compliance concerns. In 2024, HIPAA-compliant companies will rely on new and convenient technologies and data sharing to maintain privacy and protect HIPAA-covered information as cybersecurity threats continue to grow. You will be asked to decide how to use it.
- Website tracking technology continues to be a hot topic.
In 2023, both F.T.C. And that Health and Human Services (HHS) He called out website tracking technologies such as “pixels” as problematic. At the time this guidance was issued, litigation surrounding these technologies related to data privacy and data sharing concerns was already growing.To help our clients identify and address these risks Jackson Lewis and SecondSight team up to provide organizations with website compliance assessment tools It has been well received.
In 2024, we can expect to see more website tracking lawsuits as well as enforcement actions from government agencies that deem this technology to violate consumer privacy rights.
- Biometric information is expected to be increasingly used to address privacy and security issues.
As you move towards “Passwordless” society, technologies that use biometric identifiers and information continue to be the “go-to” method of authentication. However, regulations regarding the collection and use of biometric information are also increasing. Although the Illinois Biometric Information Privacy Act (BIPA) has done the most to protect biometric information, many new comprehensive privacy laws include protections for biometric information.See our Biometric authentication law map For development.
- The number of privacy-related class action lawsuits will continue to increase.
Whether it’s BIPA, GIPA, CIPA, TCPA, DPPA, pixel lawsuits, or data breach class actions, 2024 is likely to see an increase in privacy-related class actions. That’s why it’s more important than ever for businesses to understand and ensure the protection of the data they collect and manage.
For these reasons and more, we believe data privacy will remain at the forefront of many industries in 2024, and Jackson Lewis will continue to track related developments. Happy Privacy Day!