:

LAWMAKERS PUSH BAN ON AI COMPANIES SELLING HEALTH DATA

AI DESK1 MIN READ
MON, JUN 29, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Senator Elizabeth Warren and Representative Mary Gay Scanlon are introducing an updated Health and Location Data Protection Act designed to prevent AI companies from selling Americans' health and location information to data brokers.

The revised bill targets a gap in existing privacy protections: data people voluntarily share with AI chatbots like ChatGPT and Claude. The original version, introduced in June 2022, focused on traditional data brokers but didn't account for how AI systems collect and potentially monetize sensitive information. The new proposal would prohibit the sale of health data and location information gathered from AI interactions, closing a loophole that has emerged as generative AI adoption accelerated. This includes sensitive disclosures users make during conversations with AI assistants. The lawmakers plan to debut the updated legislation in the coming weeks. The move reflects growing concern among legislators about privacy safeguards in an AI-driven landscape, where companies collect vast amounts of personal data through increasingly sophisticated tools.

■ SOURCES

The Verge

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.

1H AGOSecurity Desk

Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.

1H AGOAI Desk

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

6H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

6H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.