On March 20, 2026, the White House released its National Policy Framework for Artificial Intelligence. This Framework contains a sweeping set of legislative recommendations intended to establish a coherent, nationally unified approach to AI governance. While the Framework does not itself create binding legal obligations, it is likely to shape federal AI legislation in
Following the release of the Trump Administration’s new National Cyber Strategy, National Cyber Director Sean Cairncross noted in a virtual interview that the administration is considering changes to the existing cyber incident reporting rules previously promulgated by the Cybersecurity and Infrastructure Security Agency (CISA). According to Cairncross, the administration wants to ensure the rules
State privacy enforcement is entering a new phase, and Connecticut is quickly becoming a jurisdiction to watch. In its third annual Connecticut Data Privacy Act (CTDPA) enforcement report, the Office of Attorney General William Tong disclosed for the first time that it has opened multiple active investigations into how messaging platforms, gaming services, and AI
Two customers shopping for the same product on the same website at the same time may see two different prices. This scenario is a growing reality in today’s data-driven marketplace, and California regulators are paying attention. On Data Privacy Day 2026, California Attorney General Rob Bonta announced a new investigative sweep targeting “surveillance pricing”—a practice
A sharp contrast in the speed of obtaining appellate review is emerging between two key privacy statutes. While the U.S. Supreme Court is set to resolve a circuit split over the Video Privacy Protection Act (VPPA), litigants grappling with the California Invasion of Privacy Act (CIPA)—a statute one federal judge recently described as a “total
Navigating the 2026 CCPA Updates
As forecasted, effective January 1, 2026, businesses that are subject to the California Consumer Privacy Act (CCPA) must comply with newly-updated regulations. For some businesses, complying with these updates will require the implementation of or updates to policies and procedures related to, among other things, risk assessments, cybersecurity
Over the last few years, businesses, nonprofits, and other website operators have seen thousands of lawsuits and arbitrations filed under the California Invasion of Privacy Act (CIPA) alleging that the use of ubiquitous cookies and pixels on websites violates CIPA’s wiretap and pen register provisions. The California legislature considered curbing that explosion of litigation with
On November 7, 2024, Michigan lawmakers in the Senate introduced the Reproductive Data Privacy Act (“RDPA”), also known as Senate Bill 1082 (SB 1082). The bill aims to strengthen privacy protections for sensitive reproductive health data, including information on menstrual cycles, fertility, and contraception.
The RDPA is largely modeled after Washington’s My Health
On Thursday, February 8, the Federal Communications Commission (FCC) finalized its plan to ban robocalls that feature voices generated by artificial intelligence, aiming to stem the tide of AI-generated scams and misinformation campaigns. The FCC’s declaratory ruling formalized its position that the Telephone Consumer Protection Act (TCPA)—specifically, the provision prohibiting the initiation of calls “using
The latest wrinkle in the ever-changing world of data privacy litigation is the recent surge in state wiretap claims. What began as a trickle over the summer of 2020 has grown into a clear wave as plaintiffs have filed dozens of lawsuits against prominent tech, eCommerce, entertainment, and retail companies under state wiretap laws. These lawsuits seek statutory damages for the alleged interception of consumers’ electronic communications through the defendant’s use of various website analytic tools. Insofar as the use of website analytics tools is ubiquitous on the internet, privacy litigators are carefully watching the progress of these state wiretap claims. If successful, state wiretap claims could become the next TCPA, threatening virtually every company with a sizable web presence in the U.S.
Continue Reading Exploring the Rise in State Wiretap Claims