Eagle Alpha Legal Wrap - November 2023
Eagle Alpha rounds up some of the most relevant legal and compliance articles surrounding the alternative data space over the past month.
US
The SEC's Division of Examinations released its 2024 exam priorities earlier than usual with a focus on broker-dealers and private funds. The priorities include specific areas of concern like compliance with cybersecurity, conflicts of interest, and emerging technologies, such as crypto assets and artificial intelligence applications in investment advising. You can access the full announcement here.
Gina Raimondo, US commerce secretary, announced the creation of an institute to develop top-tier standards for AI safety, security, and testing, despite the UK's plans to establish an international AI Safety Institute. President Joe Biden’s recent executive order on AI safety and security is regarded as one of the most robust actions taken by any government in the world in this domain. You can access the full article here.
California Governor Gavin Newsom signed SB 362, the Delete Act, granting residents the right to request their personal information's deletion from all state data brokers' databases. This new legislation mandates all data brokers to register with the California Privacy Protection Agency. It establishes a centralized and free method for residents to request data deletion from all brokers, irrespective of how the data was obtained. You can access the full article here.
The 9th US Circuit Court of Appeals revived a shareholders' proposed class action against Meta for allegedly concealing the misuse of user data during 2017 and 2018. The court ruling reinstated shareholders' claims that Meta falsely presented the risk of data compromise as hypothetical, despite the company being aware of the Cambridge Analytica breach, which violated its privacy policies. You can access the full article here.
Better Markets, a nonprofit organization, submitted comments to the SEC regarding the proposed rule to address conflicts of interest arising from the use of predictive data analytics AI in financial firms. The organization warns against algorithms prioritizing a firm's profits over investor interests and nudging users to trade more frequently, potentially leading to harmful interactions. You can access the full article here.
EU
The European Commission's proposal for the European Health Data Space (EHDS) is under negotiation, but Ireland has begun its preparations, emphasizing the need for sustainable investment. The EHDS aims to create a single market for health data within the EU, allowing citizens access to their digitized health information across member states. Dublin is aligning its national legislation, the Health Information Bill, with the EHDS regulations and the EU Digital Decade. You can access the full article here.
The German government introduced a bill for the Health Data Use Act (GDNG) to facilitate health data usage for R&D and AI under certain conditions. The GDNG bill allows healthcare providers to reuse patient data for quality assurance, patient protection, and research. However, sharing data among healthcare providers requires patient consent, legal obligation, or anonymization. You can access the full article here.
UK
The AI safety summit took place in the UK with concerns raised about the lack of transparency surrounding the training data of powerful AI models like OpenAI's ChatGPT and Google's Bard. Sunak highlighted the necessity for regulation and government capability to comprehend these models. A landmark agreement was reached between the UK and US governments and AI companies to collaborate on safety testing before new models are released. You can access the full article here.
China
The Ministry of State Security revealed the discovery of hundreds of meteorological stations spread across more than 20 provinces that were sending real-time weather data abroad, posing national security risks and violating data regulations. Some of these stations were believed to be funded directly by foreign governments and strategically placed around sensitive sites, including military bases and grain-producing regions, to gather altitude, GPS data, and crop growth information. You can access the full article here.
The Cyberspace Administration of China released draft regulations on the use of facial recognition technology. The law prohibits the analysis of ethnicity or religion and mandates facial data processing only with consent or legal permission. Furthermore, it forbids the technology's use for actions that may endanger national security, disrupt social order, or harm public interests. You can access the full article here.