Topic · Data protection, consent, and AI-specific privacy rights
AI Privacy
AI privacy regulation extends traditional data-protection rights into AI-specific contexts: training data provenance, automated decision-making, and inference rights. AIGI tracks every primary-source AI privacy law and enforcement action across global jurisdictions. As of the most recent update, AIGI tracks 508 primary-source items on ai privacy across global jurisdictions.
Coverage at a glance
- Items tracked
- 508
- Jurisdictions
- 8
- Last update
- 7/8/2026
Most active jurisdictions
Recent ai privacy activity
- NL guidance effective 7/8/2026
[AP] AI vergroot gevaren van cyberaanvallen
The Dutch Data Protection Authority (AP) warns that the rapid growth of AI increases the dangers of cyberattacks, phishing, and data breaches, urging organizations to immediately enhance digital security.
Authority: Autoriteit Persoonsgegevens
- BR enforcement action enforcement 6/8/2026
ANPD inicia processo para sancionar Claro por irregularidades no compartilhamento de dados pessoais de clientes com a Serasa
Brazil's ANPD has initiated an administrative sanctioning process against Claro for alleged LGPD violations in data sharing with Serasa, and an investigation into Serasa's transparency.
Authority: Autoridade Nacional de Proteção de Dados (Brazil)
- US guidance effective 6/18/2026
[CISA] CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure
CISA urges Fortinet customers to immediately terminate sessions, reset credentials, enable MFA, and secure management access due to reports of global credential exposure impacting FortiGate devices.
Authority: Cybersecurity and Infrastructure Security Agency
- BR enforcement action enforcement 6/8/2026
ANPD inicia processo para sancionar Claro por irregularidades no compartilhamento de dados pessoais de clientes com a Serasa
Brazil's ANPD initiated administrative processes against Claro and Serasa for alleged LGPD violations regarding excessive and untransparent personal data sharing.
Authority: Autoridade Nacional de Proteção de Dados (Brazil)
- US regulation effective 12/28/2000
[HHS OCR] Standards for Privacy of Individually Identifiable Health Information
This rule establishes standards for the privacy of individually identifiable health information under HIPAA, applying to health plans, clearinghouses, and providers to protect patient rights and regulate data uses and disclosures.
Authority: HHS Office for Civil Rights
- US regulation effective 5/1/2020
[HHS OCR] 21st Century Cures Act: Interoperability, Information Blocking, and the ONC Health IT Certification Program
This final rule implements provisions of the 21st Century Cures Act regarding health IT interoperability, information blocking, and ONC Health IT Certification Program requirements.
Authority: HHS Office for Civil Rights
- FR enforcement action enforcement 5/28/2026
[CNIL] Données de santé : sanction de 5 millions d’euros à l’encontre de la société IQVIA
The French CNIL fined IQVIA OPERATIONS FRANCE €5 million and issued injunctions for failing to comply with data protection authorizations regarding health data warehouses, citing insufficient transparency, rights exercise, and security measures.
Authority: CNIL
- MN agency report effective 2/5/2026
Minnesota Consumer Data Privacy Act takes full effect
The Minnesota Attorney General's office announced that the Minnesota Consumer Data Privacy Act is now fully effective, ending the 30-day notice period for enforcement actions as of February 1, 2026.
Authority: Minnesota Attorney General
- IN enforcement action enforcement 3/27/2025
General Motors sold Hoosier drivers on using OnStar - then sold their data to raise rates – now Attorney General Todd Rokita is driving right through this deceptive collection plan
Indiana AG Todd Rokita has filed a lawsuit against General Motors and OnStar for allegedly secretly collecting and selling Indiana drivers’ personal data to third parties, including insurance companies, without consent, in violation of the Indiana Deceptive Consumer Sales Act.
Authority: Indiana Attorney General
- CA enforcement action enforcement 5/8/2025
[CA CPPA] CPPA Orders Florida Data Broker to Pay Fine
The California Privacy Protection Agency (CPPA) ordered Florida data broker National Public Data to pay a $46,000 fine for failing to register and pay annual fees under the Delete Act.
Authority: California Privacy Protection Agency
- CA enforcement action enforcement 9/9/2025
[CA CPPA] California Privacy Protection Agency Announces Joint Investigative Privacy Sweep
The California Privacy Protection Agency, alongside Colorado and Connecticut Attorneys General, announced a joint investigative sweep into businesses failing to honor Global Privacy Control (GPC) opt-out signals for personal information.
Authority: California Privacy Protection Agency
- CA agency report comment period 5/13/2025
[CA CPPA] CPPA Opposes Enforcement Moratorium in House Energy & Commerce Budget Reconciliation Bill
The California Privacy Protection Agency (CPPA) formally opposes a House bill provision that would impose a 10-year moratorium on state AI and ADMT enforcement.
Authority: California Privacy Protection Agency
+ 496 more items in the full archive — start trial for full access.
Frequently asked questions
- What is AI Privacy?
- AI privacy regulation extends traditional data-protection rights into AI-specific contexts: training data provenance, automated decision-making, and inference rights. AIGI tracks every primary-source AI privacy law and enforcement action across global jurisdictions.
- How many ai privacy laws does AIGI track?
- AIGI currently tracks 508 primary-source items under ai privacy — spanning bills, regulations, enforcement actions, court opinions, and agency guidance from authorities across global jurisdictions.
- Which jurisdictions are most active on ai privacy?
- Most active jurisdictions on ai privacy in the current corpus: CA (9), US (7), BR (6), TN (4), MN (3).
- How current is AIGI's ai privacy coverage?
- The most recent ai privacy item AIGI tracked was published on 7/8/2026. AIGI runs continuous ingestion against every active authority source.
- Where do AIGI's ai privacy citations come from?
- Every item on this page links to its primary government or research source. AIGI's citation methodology is documented at /how-we-cite — we do not paraphrase or remix secondary commentary; we resolve every pointer to the underlying authority.
Related
Stay informed