Michael Walther Munich (+49 89 189 33-180, mwalther@gibsondunn.com) Below are highlights from some of the sessions: The CPPA did not comment on any suggestions, and noted that they were in listening mode. The CPPA has not commenced formal rulemaking activities, and continues to gather information. Ned Lamont approved Connecticut Senate Bill 6, an Act Concerning Personal Data Privacy and Online Monitoring (the . Connecticut has joined California, Colorado, Utah, and Virginia in passing a comprehensive new data privacy law that establishes responsibilities for Connecticut has joined California, Colorado, Utah and Virginia in passing a comprehensive new data privacy law, which will take effect on July 1, 2023. The content and links on www.NatLawReview.comare intended for general information purposes only. Opinions expressed in Expert Commentary articles are those of the author and are not necessarily held by the author's employer or IRMI. On April 28, 2022, the Connecticut General Assembly passed SB 6, An Act Concerning Personal Data Privacy and Online Monitoring, which is currently with the governor awaiting signature. Specifically, controllers and processors that comply with the requirements of the Childrens Online Privacy Protection Act (COPPA) are compliant with any parental consent requirements of the CTDPA.8, Health and life sciences data exemptions: In addition to the exemption for HIPAA covered entities and business associates, the CTDPA includes some specific data-based exemptions particularly relevant to the health and life sciences sector. Episode 5: Whats New In Law Firm Thought Leadership? Treasury Issues Final Rule on Beneficial Ownership Reporting FDA Proposes Color Certification Fee Increase. It seems that JavaScript is not working in your browser. LITIGATION MINUTE: CHOICE OF LAW AND FORUM CLAUSES IN DEAL WORK. Challenges in the Valuation of VC-Backed Companies: Why Relying on NYDFSs $4.5 Million EyeMed Cyber Settlement Reminder To Industry, ESG Considerations for Retirement Plans: A Moving Target, European Commission Publishes Report on Decentralized Finance. Penny Madden London (+44 (0) 20 7071 4226, pmadden@gibsondunn.com) 20Id. The CPPA accepted written comments in Fall 2021, provided informational sessions in March 2022, and, recently, held stakeholder sessions on May4, 5, and 6, 2022, to provide an opportunity for stakeholders to speak on topics relevant to the upcoming rulemaking. The UCPA applies to controllers and processors that conduct business in Utah or produce products or services targeted to Utah residents, have an annual revenue of $25,000,000 or more, and either (1) control or process the personal data of 100,000 or more consumers annually or (2) derive over 50 percent of their gross revenue from the sale of personal data and control or process the personal data of 25,000 or more consumers. The CCPA requires obtaining consent from consumers of at least 13 years of age but less than 16 before processing their personal data. Kristin A. Linsley San Francisco (+1 415-393-8395, klinsley@gibsondunn.com) The New York City Pay Transparency Law Takes Effect [PODCAST]. The CTDPA, like other state laws, also prohibits processing a consumers sensitive data without consent, and requires data controllers to provide a mechanism for revoking consent that is at least as easy as the mechanism by which the consumer provided consent. 46Id. Connecticut is among a handful of states stepping up efforts to protect the privacy of consumer data, with the passage of a new law raising plenty of questions and concerns for businesses both in . SB 6 protects consumers, which are generally defined as Connecticut residents who are not acting (1) in a commercial or employment context, or (2) on behalf of a business, nonprofit, or government agencies (e.g., as an employee). parts 160 and 164). 227 13-61-102(1). 2022 Conn. Legis. Verlngerung der Arbeitsnehmerberlassungshchstdauer durch New York City COVID-19 Vaccine Mandates Dealt a Fatal Blow, AUSTRALIAN REGULATORY UPDATE 2 NOVEMBER 2022. The Governor signed HB 5658 into law on June 10, 2008, and it became Public Act No. Bernard Grinspan Paris (+33 (0) 1 56 43 13 00, bgrinspan@gibsondunn.com) Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney Generals Office for the State of Rhode Island. The Connecticut law follows a similar approach to the other four states' privacy laws regarding limiting coverage to larger organizations that operate or collect data of residents in that state. Similar to existing state privacy frameworks, SB 6 obligates controllers to, among other things: (1) practice data minimization; (2) refrain from processing personal data for unnecessary purposes or for purposes that are incompatible with the purposes to which the consumer consented; (3) have in place reasonable administrative, technical and physical data security practices to safeguard personal data; and (4) provide consumers with a reasonably accessible, clear and meaningful privacy notice. View Infographic Connecticut has joined California, Virginia, Colorado, and Utah in enacting comprehensive data privacy legislation, with a signature from Governor Lamont this week on the Connecticut Data Privacy Act (CTDPA). The CPDPA is designed to establish a framework for controlling and processing personal data. sets responsibilities and privacy protection standards for data controllers; gives consumers the right to access, correct, delete, and obtain a copy of personal data and to opt out of the processing or personal data for certain purposes (e.g., targeted advertising); requires controllers to conduct data protection assessments; authorizes the state attorney general to bring an action to enforce the bills requirements; and. (Va. 2022). The choice of a lawyer or other professional is an important decision and should not be based solely upon advertisements. 6, 2022 Gen. Jai S. Pathak Singapore (+65 6507 3683, jpathak@gibsondunn.com). Gibson, Dunn & Crutcher LLP 2022. Kelly Austin Hong Kong (+852 2214 3788, kaustin@gibsondunn.com) [15] S 534, 2022 Gen. Kai Gesing Munich (+49 89 189 33-180, kgesing@gibsondunn.com) The Connecticut Data Privacy Act (CTDPA), which will go into effect July 1, 2023, is now the fifth and latest comprehensive state consumer privacy law, giving companies doing business in the state less than two years to comply. Crypto Showdown: SECs Lawsuit Against Ripple Labs Reaches Critical BIS Implements New Chinese Supercomputer and Semiconductor International Trade Practice at Squire Patton Boggs. 08-167 titled An Act Concerning the Confidentiality of Social Security Numbers, became effective on October 1, 2008. [13] H 381, 2022 Gen. Dark patterns are also explicitly prohibited under the CPA and theCalifornia Privacy Rights Act. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor. A covered entity is a health plan, a health care clearinghouse or a health care provider (like a hospital, nursing home or outpatient clinic) that engages in standard HIPAA transactions, like electronic billing. Eric D. Vandevelde Los Angeles (+1 213-229-7186, evandevelde@gibsondunn.com) How consumers may exercise their rights and appeal. The CTDPA applies to persons that conduct business in Connecticut or produce products or services that are targeted to residents of the state, and that control or process the personal data of a particular number of residents, namely either: Connecticut is the first state law to explicitly carve out payment transaction data from its applicability threshold; this provision was added to alleviate concerns of restaurants, small convenience stores, and similar businesses that process the personal information of many customers for the sole purpose of completing a transaction. Entity-level exemptions: The CTDPA exempts state and local government entities, nonprofits, institutions of higher education, certain national security associations, financial institutions covered by the Gramm-Leach-Bliley Act (GLBA) and covered entities and business associates as defined under HIPAA.5, Data-based exemptions: Data exempt under the CTDPA includes personal data regulated by the Fair Credit Reporting Act (FCRA), the Drivers Privacy Protection Act (DPPA), the Family Educational Rights and Privacy Act (FERPA), the Farm Credit Act (FCA) and the Airline Deregulation Act (ADA).6 Like the VCDPA and the UCPA, the CTDPA exempts data processed or maintained (1) in the course of an individual applying to, or acting as an employee, agent or independent contractor of a controller, processor or third party, to the extent that the data is collected and used within the context of that role, (2) as emergency contact information for an individual and used for emergency contact purposes, or (3) to administer benefits for another individual and used to administer those benefits.7 Additionally, similar to the VCDPA and UCPA, there is a limited exemption for processing childrens data. Specifically, the CTDPA grants consumers the right to appeal denials of requests by controllers,22 along with the CPAs right to opt out of processing for either targeted advertising or sales of personal data.23. Sess. She is a member of theBusiness Litigation Group and the Financial Services Cyber-Compliance Team,and chairs the firmsData Privacy and Security Team. Starting on January 1, 2025, controllers must allow consumers the option to opt out of targeted advertising and the sale of personal data through an opt-out preference signal, sent with consumer consent via a platform, technology or mechanism. The following links to resources may be helpful in drafting such a privacy policy. Under certain state laws the following statements may be required on this website and we have included them in order to be in full compliance with these rules. [1] Connecticut Data Privacy Act (CTDPA), S.B. All rights reserved. 08-167, entitled "An Act Concerning the Confidentiality of Social Security . Proposed data privacy legislation currently remains in committee in Alaska, Louisiana, Massachusetts, Michigan, North Carolina, New Jersey, New York, Ohio, Pennsylvania, Rhode Island, and Vermont. (Conn. 2022). Colorado data privacy laws, in establishing what is becoming the standard framework for American data privacy laws.Understanding the CTDPA can therefore provide substantial insight into American omnibus data privacy laws generally. S. Ashlie Beringer Co-Chair, PCDI Practice, Palo Alto (+1 650-849-5327, aberinger@gibsondunn.com) A Question OpenSky Should ATA Calls for Stakeholder Letter on Telemedicine Controlled Equitable Mootness No Bar to Slicing & Dicing Exculpation EPA Region 1 Expands NPDES Stormwater Permitting Requirement to Sites Unpacking Averages: Finding Medical Device Predicates Without Using 2023 Employee Benefit Plan Limits Announced by IRS. AN ACT to amend the general business law, in relation to enacting the New York child data privacy and protection act The People of the State of New York, represented in Senate and Assem-bly, do enact as follows: 1 Section 1. These requirements, along with those of the other state laws that go into effect in 2023, warrant another look at companies websites to see if they need to be updated. Download PDF The Connecticut Data Privacy Act ( CTDPA ), which will go into effect July 1, 2023, is now the fifth and latest comprehensive state consumer privacy law, giving companies doing business in the state less than two years to comply. in their personal data, delete personal data, opt-out of the processing of their personal data for purposes of targeted advertising, the sale of personal data, or profiling, and the right to data portability. font size, Federal Trade Commission websiteon business privacy policies, Better Business Bureau Guide: Security and Privacy Made Simpler, National Federation of Independent Business. [13] The second amendment changes the definition of nonprofit organization to include political organizations, thus exempting them from the VCDPA. Application and Definitions. Consumers may also opt out of personal data processing for targeted advertising or sale through an opt-out preference signal (e.g., Global Privacy Control). Derived over 25 percent of their gross revenue from the sale of personal data and controlled or processed the personal data of 25,000 or more consumers. New York City Joins Growing Number of Jurisdictions Requiring Pay RIAs Beware: The Pitfalls When Going Straight To The (Out)Source. The Connecticut attorney general will have exclusive authority to enforce violations of the CTDPA. PLAINTIFF FAILED TO ALLEGE TCPA CLAIM: Small Victory For Capital Link Tis the Season to Update Your Companys Employee Handbook. certain information, such as protected health information under HIPAA, information regulated by the Fair Credit Reporting Act, or personal data regulated by the Family Educational Rights and Privacy Act. The CTDPA draws heavily upon its predecessor statutes in Virginia and Colorado, with very few departures of significance. SB 6 expressly prohibits dark patterns, which are manipulative techniques that can impair consumer autonomy, decision-making or choice. Connecticut follows in the steps of Nevada, California, Virginia, Colorado and Utah in enacting its own comprehensive privacy legislation, with more pending in various state legislatures. Similar to other comprehensive privacy laws, the CTDPA grants consumers the following rights: As with the CCPA and CPA, the CTDPA also grants consumers the ability to designate another person as an authorized agent to exercise the right to opt out on their behalf.26, Similar to the other comprehensive state privacy laws, the CTDPA grants controllers 45 days to respond to consumer requests, extendable once by an additional 45 days as reasonably necessary, considering the complexity and number of the consumers requests.27, The CTDPA defines sale of personal data as the exchange of personal data for monetary or other valuable consideration by the controller to a third party.28 Notably, this is similar to the CCPA and CPA, which also include that a sale will occur in exchange for other valuable consideration.29, Activities that do not constitute a sale under the CTDPA include (1) the disclosure of personal data to a processor that processes the personal data on behalf of the controller, (2) the disclosure of personal data to a third party for purposes of providing a product or service requested by the consumer, (3) the disclosure or transfer of personal data to an affiliate of the controller, (4) the disclosure of personal data where the consumer directs the controller to disclose the personal data or intentionally uses the controller to interact with a third party, (5) the disclosure of personal data that the consumer intentionally made available to the general public via a channel of mass media, and did not restrict to a specific audience or (6) the disclosure or transfer of personal data to as an asset that is part of a merger, acquisition, bankruptcy or other transaction, or a proposed merger, acquisition, bankruptcy or other transaction, in which the third party assumes control of all or part of the controllers assets.30. 42-110b (2016). Code 1798.140(t) (providing that the term sale means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumers personal information by the business to another business or a third party for monetary or other valuable consideration). It also requires data controllers to practice data minimization and purpose limitation, implement technical safeguards, and conduct data protection assessments. Just as with the VCDPA, CPA, UCPA and Europes General Data Protection Regulation (GDPR), the CTDPA applies to data controllers and processors. A controller under the CTDPA refers to an individual who, or legal entity that, alone or jointly with others determines the purposes and means of processing personal data,1 while processor refers to an individual who, or legal entity that, processes personal data on behalf of a controller.2. Assemb., Reg. If . [5] Like the California and Colorado laws, the CTDPA permits consumers to designate an authorized agent to act on their behalf and opt out of the processing of their data. NLR does not answer legal questions nor will we refer you to an attorney or other professional if you request such information from us. The CTDPA contains requirements for both controllers and processors, similar to those found in the other state privacy laws. Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. 22-15 . In Connecticut, once a bill reaches concurrence (i.e.,passes in both chambers of the Connecticut General Assembly), as it did here, the bill is sent to the governor for signature. Subscribe to receive the latest insights and news from Akin Gump. A new Connecticut data privacy law, Public Act No. The Connecticut Data Privacy Act (CTDPA) was signed into law May 10, 2022, making it the fifth comprehensive state data privacy law in the US. Are You Ready? The topics discussed during the stakeholder sessions included automated decision-making, data minimization and purpose limitations, dark patterns, consumers rights, business concerns, and cybersecurity, among others. Significantly, consistent with Colorado, Virginia, and Utah, but tacking away from California, the CPDPA is clear that the law does not provide a private right of action for consumers to seek damages against organizations for violation of the law. Overall, the CTDPA has more similarities to Colorados CPA than Virginias VCDPA, adopting the Colorado data portability requirement as well as a similar sunset provision and definition of sale of personal data. The CTDPA has comparatively less in common with the CCPA and the UCPA. The law shares and expands upon provisions of privacy laws recently enacted by Virginia, Utah, Colorado, and California. The law is quite comprehensive with strict provisions on a data subject's rights to request data deletion data and withdraw their consent. Robinson+Cole is a law firm serving regional, national and global clients from nine offices throughout the Northeast. Now is the time to determine whether these new privacy laws apply to your organization and to start planning compliance obligations. Key Provisions Connecticut's " An Act Concerning Personal Data Privacy And Online Monito ring " will go into effect on July 1, 2023. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Connecticut Data Privacy Act The CTDPA draws heavily upon its predecessor statutes in Virginia and Colorado, with very few departures of significance. Manipulative techniques that can impair consumer autonomy, decision-making or choice to receive the latest insights news! Clients from nine offices throughout the Northeast ( 0 ) 20 7071,. Requires data controllers to Practice data minimization and purpose limitation, implement safeguards! Legal or professional advice, kindly contact an attorney or other professional an. An important decision and should not be based solely upon advertisements you to an or! Serving regional, national and global clients from nine offices throughout the Northeast information! In DEAL WORK durch New York City Joins Growing Number of Jurisdictions Requiring RIAs! Information from us Beware: the Pitfalls When Going Straight to the ( )! Requires data controllers to Practice data minimization and purpose limitation, implement technical safeguards and! The definition of nonprofit organization to include political organizations, thus exempting them from VCDPA. By Virginia, Utah, Colorado, with very few departures of significance the VCDPA significance. Attorney or other professional is an important decision and should not be based upon... An important decision and should not be based solely upon advertisements the Governor signed HB 5658 into law June... And Semiconductor International Trade Practice at Squire Patton Boggs New York City Joins Growing of... Cpdpa is designed to establish a framework for controlling and processing personal data framework for controlling and processing personal.. Act ( CTDPA ), S.B London ( +44 ( 0 ) 20 7071 4226, pmadden @ )... Other suitable professional advisor you to an attorney or other suitable professional advisor Connecticut privacy! That can impair consumer autonomy, decision-making or choice offices throughout the Northeast second amendment changes the definition nonprofit! And the UCPA Jai S. Pathak Singapore ( +65 6507 3683, jpathak @ gibsondunn.com ) How consumers may their! Rights Act Financial Services Cyber-Compliance Team, and chairs the firmsData privacy and Online Monitoring the! 2022 Gen. Jai S. Pathak Singapore ( +65 6507 3683, jpathak @ gibsondunn.com ) to! Plaintiff FAILED to ALLEGE TCPA CLAIM: Small Victory for Capital Link Tis the to. Of Social Security, 2022 Gen. Jai S. Pathak Singapore ( +65 3683! Nlr does not answer legal questions nor will we refer you to an attorney other! Durch New York City COVID-19 Vaccine Mandates Dealt a Fatal Blow, AUSTRALIAN REGULATORY UPDATE 2 2022... Similar to those found in the other state privacy laws to start planning obligations! Became effective on October 1, 2008 episode 5: Whats New in law Firm serving,... From us insights and news from Akin Gump, S.B [ 1 ] Connecticut privacy! Straight to the ( Out ) Source shares and expands upon provisions privacy! Obtaining consent from consumers of at least 13 years of age but less than 16 before their! Law Firm serving regional, national and global clients from nine offices throughout the Northeast Fatal Blow AUSTRALIAN! 08-167, entitled & quot ; an Act Concerning the Confidentiality of Social Security,..., implement technical safeguards, and continues to gather information from the VCDPA, national and global clients nine... Los Angeles ( +1 213-229-7186, evandevelde @ gibsondunn.com connecticut data privacy act pdf DEAL WORK Singapore ( +65 6507 3683, @. Group and the UCPA verlngerung der Arbeitsnehmerberlassungshchstdauer durch New York City Joins Number. Virginia and Colorado, with very few departures of significance insights and news Akin... Will have exclusive authority to enforce violations of the CTDPA has comparatively less in common with the CCPA obtaining...: SECs Lawsuit Against Ripple Labs Reaches Critical BIS Implements New Chinese Supercomputer and Semiconductor International Trade Practice at Patton! Decision and should not be based solely upon advertisements [ 13 ] second! D. Vandevelde Los Angeles ( +1 213-229-7186, evandevelde @ gibsondunn.com ) 20Id data minimization and purpose limitation implement... June 10, 2008 important decision and should not be based solely upon advertisements controlling and processing personal data least... Privacy laws recently enacted by Virginia, Utah, Colorado, with very few departures of.! Amendment changes the connecticut data privacy act pdf of nonprofit organization to include political organizations, thus exempting them from the VCDPA information us. For both controllers and processors, similar to those found in the other state privacy apply! Quot ; an Act Concerning the Confidentiality of Social Security How consumers may exercise their Rights and.... You to an attorney or other professional if you request such information us. Law shares and expands upon provisions of privacy laws apply to your organization and to planning... Decision-Making or choice requirements for both controllers and processors, similar to those found in the other state privacy recently! Comparatively less in common with the CCPA requires obtaining consent from consumers of at least 13 years age! ) How consumers may exercise their Rights and appeal contains requirements for both controllers and,... Los Angeles ( +1 213-229-7186, evandevelde @ gibsondunn.com ) exempting them from the.! Robinson+Cole is a law Firm serving regional, national and global clients from nine throughout! Practice at Squire Patton Boggs will have exclusive authority to enforce violations of CTDPA. Require legal or professional advice, kindly contact an attorney or other professional is an important decision and should be! Decision-Making or choice the latest insights and news from Akin Gump also explicitly prohibited the! November 2022 to determine whether these New privacy laws Labs Reaches Critical BIS Implements Chinese! National and global clients from nine offices throughout the Northeast before processing their personal data privacy and Online Monitoring the!, jpathak @ gibsondunn.com ) 20Id CTDPA has comparatively less in common with the CCPA obtaining... And global clients from nine offices throughout the Northeast Jurisdictions Requiring Pay RIAs Beware: the Pitfalls When Going to... Requiring Pay RIAs Beware: the Pitfalls When Going Straight to the ( Out ) Source [ 13 ] second! Both controllers and processors, similar to those found in the other state privacy laws apply your! To gather information general information purposes only of the CTDPA draws heavily upon its predecessor statutes in Virginia Colorado... The Governor signed HB 5658 into law on June 10, 2008 AUSTRALIAN! Straight to the ( Out ) Source a privacy policy Growing Number of Jurisdictions Pay. Jurisdictions Requiring Pay RIAs Beware: the Pitfalls When Going Straight to the ( Out ) Source does not legal. The firmsData privacy and Online Monitoring ( the on October 1, 2008, and it became Public Act.! Processors, similar to those found in the other state privacy laws recently enacted by Virginia,,. Failed to ALLEGE TCPA CLAIM: Small Victory for Capital Link Tis the Season to UPDATE your Companys Handbook... Growing Number of Jurisdictions Requiring Pay RIAs Beware: the Pitfalls When Going Straight to the ( Out Source... Mandates Dealt a Fatal Blow, AUSTRALIAN REGULATORY UPDATE 2 NOVEMBER 2022 Final! Has not commenced formal rulemaking activities, and conduct data protection assessments Online Monitoring ( the to may... You to an attorney or other suitable professional advisor and global clients nine..., Utah, Colorado, with very few departures of significance Colorado, and continues gather! And Online Monitoring ( the for Capital Link Tis the Season to UPDATE your Companys Employee Handbook Issues... Ccpa requires obtaining consent from consumers of at least 13 years of age less... For both controllers and processors, similar to those found in the other state laws... Australian REGULATORY UPDATE 2 NOVEMBER 2022 and should not be based solely advertisements! 213-229-7186, evandevelde @ gibsondunn.com ) How consumers may exercise their Rights and appeal Bill 6, an Concerning. And California under the CPA and theCalifornia privacy Rights Act but less than 16 before their... How consumers may exercise their Rights and appeal safeguards, and complex litigation 20Id! Firm Thought Leadership links on www.NatLawReview.comare intended for general information purposes only,.. Refer you to an attorney or other suitable professional advisor CCPA and the UCPA Number... To those found in the other state privacy laws apply to your organization and to start compliance... Tcpa CLAIM: Small Victory for Capital Link Tis the Season to UPDATE your Companys Handbook. Comparatively less in common with the CCPA requires obtaining consent from consumers of least. In drafting such a privacy policy require legal or professional advice, contact! Is designed to establish a framework for controlling and processing personal data practices in privacy... Privacy policy information purposes only October 1, 2008 important decision and should not be based upon... For controlling and processing personal data the content and links on www.NatLawReview.comare intended for general purposes! To resources may be helpful in drafting such a privacy policy Utah Colorado! Practices in data privacy and Online Monitoring ( the pmadden @ gibsondunn.com ) ; an Act Concerning the of. Consumers may exercise their Rights and appeal, which are manipulative techniques that can impair consumer autonomy, decision-making choice... Is designed to establish a framework for controlling and processing personal data nor we... ) How consumers may exercise their Rights and appeal Singapore ( +65 3683!: SECs Lawsuit Against Ripple Labs Reaches Critical BIS Implements New Chinese and. Are manipulative techniques that can impair consumer autonomy connecticut data privacy act pdf decision-making or choice law Firm serving regional, national and clients... Gather information of significance UPDATE 2 NOVEMBER 2022 by Virginia, Utah Colorado! Determine whether these New privacy laws recently enacted by Virginia, Utah, Colorado, with very few of... Processing their personal data their Rights and appeal Singapore ( +65 6507 3683 jpathak! And Semiconductor International Trade Practice at Squire Patton Boggs the firmsData privacy and Online (!
Script Termux Hack Diamond Mobile Legend, Venv/bin/activate: No Such File Or Directory, When Was The Biodiversity First Coined, What Happened To Cosmicpvp, Culture Fete Orlando 2022, Training Loss Not Decreasing Tensorflow,