Banner Image
qoute Image

We didn't want the legislation to be punitive on businesses that were trying to do the right thing.

- Sen. Donna Soucy on New Hampshire SB 255

Welcome to Snippets! The final text of the EU AI Act was leaked not once, but twice this week—making waves in privacy, AI, and regulatory circles alike. While regulators reached a political agreement on the act last year and the ink isn't officially dry, the released documents do offer significant insight into the shape of the final text. 

Plus, the EU Commissioner for Justice expressed confidence that a US/EU data sharing deal for law enforcement would move forward, New Hampshire is set to become the 14th state with a comprehensive privacy law, and the US Congress continues to mull changes to Section 702. 


Leaked text reveals progress on EU AI Act

After two unofficial versions of the proposed EU AI Act were published online, first by Euractiv Technology Editor Luca Bertuzzi and then by Laura Caroli, Senior AI Policy Advisor at the European Parliament, insights have emerged on how the proposed legislation is taking shape.
  • France, whose government was accused of being influenced by lobbyists, maintained its skeptical stance on regulating Foundation AI models and is pushing for concessions.
  • The proposed text states that:
    • Prohibitions on AI systems with  unacceptable risk would apply 6 months after the Act goes into force.
    • High-risk AI systems may only be deployed with human oversight and creators must maintain records of appropriate monitoring.
    • Member states have 24 months to establish at least one AI regulatory sandbox at the national level.
  • In his post leaking the final text, Bertuzzi noted his decision was driven by the “massive public attention” the act has received.

🤝 Bridging the gap between engineering and privacy teams

Join us January 31 at 9am PT for the first episode of Harmony in Code and Compliance! Featuring Jay Averitt of Microsoft, K Royal, CPO at Crawford & Company, and Safaa Darwish, Program Manager at Transcend, you'll leave this session with:

- Strategies for building strong partnerships between privacy and engineering teams
- How to address common cross-functional concerns when collaborating on privacy projects
- Real-world examples of effective partnerships in action

Register today to save your seat!


Despite concerns, EU commissioner confident in police data transfer deal 


Daniel Mihailescu/AFP via Getty Images

Didier Reynders, the European Commissioner for Justice, told POLITICO he expects a US/EU deal providing law enforcement bilateral access to Big Tech data to be signed before November’s presidential election.
  • Under current regulations, US law enforcement can obtain data from US-headquartered companies anywhere in the world.
  • In contrast, EU police must go through a complex process—a roadblock they claim has affected, and even ended, past investigations.
  • While the EU is concerned about US law enforcement overreach, civil rights advocates worry EU countries with a poor history of upholding the rule of law could misuse the new agreement to curb freedom of speech.


New Hampshire Senator Donna Soucy talks SB 255

With New Hampshire’s Senate Bill 255 set to become the 14th US state privacy law, Senator Donna Soucy, who has driven the bipartisan bill through the committee’s floors, spoke to IAPP about the bill’s intended objectives and impact.
  • Responding to concerns over the feasibility of the bill’s enforcement, Soucy pointed to the additional resources and $1 million budget earmarked for investigations and enforcement.
  • Soucy noted the new rules are meant to establish industry standards for consumer disclosures, while also giving consumers the ability to control where their data is held and make corrections or deletions as necessary.
  • Further demonstrating the bipartisan nature of the bill, Soucy noted the decision to limit the cure period to one year post-enactment was the result of a compromise made with the House.

  • France fines Amazon $35 million for intrusive monitoring.
  • Patients sue doctors after sensitive photos leak online.
  • Meta to expand user privacy choices in the EU.
  • OSOM releases new “Privacy Cable.”
  • CPPA launches new privacy rights informational website.


Congress mulls balance between privacy and security in Section 702


Bill Clark/CQ Roll Call

With an April 19 deadline looming for the reauthorization of Section 702, lawmakers and privacy advocates will resume the debate over balancing national security and individual privacy within the bill’s text.
  • Last year, Congress passed a temporary extension for Section 702 in the 2024 defense policy bill—following two contested proposals from the Judiciary and Intelligence committees.
  • The Judiciary Committee backed a bill requiring warrants to obtain Americans’ information, while the Intelligence Committee’s bill bars the FBI from conducting Section 702 searches solely to find criminal evidence.
  • Opponents of Section 702 note the FBI scoured US citizens' information over 5 million times in only three years.
  • Though Congressional attention to this issue has wavered, Rep. Pramila Jaypal noted, “we’re trying to figure out how to ramp up the momentum again.”


One startup’s attempt to break the Android-iOS duopoly


Apostrophy Phone - Apostrophy

In a notable attempt to break the iOS-Android duopoly, Swiss startup Apostrophy has developed a new operating system aimed at replacing the app-based model with a more secure alternative.
  • When content consumption shifted from documents to apps, publishers gained access to huge amounts of user data.
  • Apostrophy’s new phone, Punkt, attempts to limit app usage by replacing the app grid with an icon grid that gives users access to different files and data as needed.
  • Users can still download Android apps, but all apps are run within a sandbox that prevents interaction with other phone features.

🏆 Introducing the 2024 Privacy First Award winners

As we all know, privacy pros do important work in a dynamic, often difficult industry—so this year, we're kicking off the Privacy First awards to acknowledge and celebrate those efforts!

The Privacy First Awards are a celebration of outstanding individuals pursuing better privacy for all—from legal experts to Chief Privacy Officers, engineers to security executives.

Transcend Horizontal Logo

Snippets is delivered to your inbox every Thursday morning by Transcend. We're the platform that helps companies put privacy on autopilot by making it easy to encode privacy across an entire tech stack. Learn more.

You received this email because you subscribed to Snippets. Did someone forward this email to you? Head over to Transcend to get your very own free subscription! Curated in San Francisco by Transcend.