:

LAWMAKERS PUSH BAN ON AI COMPANIES SELLING HEALTH DATA

AI DESK1 MIN READ
MON, JUN 29, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Senator Elizabeth Warren and Representative Mary Gay Scanlon are introducing an updated Health and Location Data Protection Act designed to prevent AI companies from selling Americans' health and location information to data brokers.

The revised bill targets a gap in existing privacy protections: data people voluntarily share with AI chatbots like ChatGPT and Claude. The original version, introduced in June 2022, focused on traditional data brokers but didn't account for how AI systems collect and potentially monetize sensitive information. The new proposal would prohibit the sale of health data and location information gathered from AI interactions, closing a loophole that has emerged as generative AI adoption accelerated. This includes sensitive disclosures users make during conversations with AI assistants. The lawmakers plan to debut the updated legislation in the coming weeks. The move reflects growing concern among legislators about privacy safeguards in an AI-driven landscape, where companies collect vast amounts of personal data through increasingly sophisticated tools.

■ SOURCES

The Verge

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

A Cambridge study reveals that terrorist organizations including Boko Haram and ISIS are using ChatGPT, Claude, and Gemini to plan attacks and develop weapons. Safety filters designed to prevent such misuse have repeatedly failed.

1H AGOAI Desk

The Australian Cyber Security Centre has issued an alert about coordinated exploitation of vulnerable content management systems and plugins worldwide. The campaign targets organizations using outdated or unpatched CMS software.

3H AGOAI Desk

Artificial intelligence discovered a critical security vulnerability in Linux kernel code that human developers overlooked for over a decade. The bug could allow unauthorized root access to systems.

8H AGOAI Desk

Researchers have demonstrated a new attack called 'Ghostcommit' that hides prompt injections in PNG files to fool AI code reviewers and agents into exposing repository secrets.

10H AGOAI Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.