Snap, the parent company of Snapchat, is facing scrutiny from the UK Information Commissioner’s Office (ICO) over concerns regarding its artificial intelligence chatbot, My AI. The ICO has issued a preliminary enforcement notice alleging that Snap failed to properly assess the privacy risks associated with the chatbot, particularly in relation to the protection of minors’ data. Although no breach has been discovered, reports have surfaced of inappropriate content being shared by the chatbot, such as advice on underage drinking and losing virginity. Snap has stated that My AI has safeguards in place to prevent offensive responses and is reviewing the ICO’s decision. The company is committed to protecting user privacy and will work with the ICO to address any concerns.
In another regulatory development, China has released a draft version of its Provisions on Regulating and Promoting Cross-Border Data Flows. The document suggests that China is relaxing its restrictions on international data transfers. Under the new provisions, personal employee data required for human resources management will no longer require a transfer mechanism, and the threshold for data requiring an official security assessment will be raised. The draft provisions also permit Free Trade Zones in China to publish their own “negative lists” exempt from transfer mechanism rules. The public has until October 15 to provide feedback, and a final version may be released by November 30.
In California, Governor Gavin Newsom has signed the Delete Act into law, making it easier for residents to have their data removed from data brokerage databases. Currently, residents can only request individual brokers to delete their data, which is a cumbersome process. Under the new law, the California Privacy Protection Agency will create a tool that allows Californians to request the deletion of their personal information from all data brokers with a single request. The bill aims to protect sensitive information and establish California as a leader in consumer privacy. However, critics argue that it could have negative consequences for the economy and hinder small businesses’ ability to compete. The law is expected to pose challenges in terms of implementation and enforcement, particularly in verifying that data has been permanently deleted.
In an article published by the Knight Institute, former members of Facebook’s public policy team discuss the concept of “jawboning,” which refers to attempts by government officials to persuade tech companies to change their content moderation policies. The authors provide insights into how US government officials would use informal persuasion tactics to pressure employees into altering company policies. This could involve explicit requests during meetings or implicit threats of retribution if the officials’ wishes were not met. The article also highlights how Facebook’s stance on upholding first amendment rights shifted after the 2016 election, partly due to jawboning by government officials.
Overall, these developments reflect ongoing concerns surrounding data privacy and the regulation of technology companies. Governments and regulatory bodies continue to take steps to protect users, particularly minors, and ensure that companies adhere to data protection rules. It remains to be seen how these measures will be implemented and enforced, but they indicate a growing focus on privacy and accountability in the digital age.