Texas is getting into the AI action, with a new law (the Texas Responsible Artificial Intelligence Governance Act) that will place restrictions not only on AI use by government agencies, but businesses as well. In particular,...more
7/17/2025
/ Artificial Intelligence ,
Biometric Information ,
Business Entities ,
Compliance ,
Data Privacy ,
Healthcare ,
New Legislation ,
Privacy Laws ,
Regulatory Requirements ,
State Privacy Laws ,
Technology ,
Technology Sector ,
Texas
The US “comprehensive” law landscape continues to expand, with two more states—Tennessee (July 1) and Minnesota (July 31) —joining the “comprehensive” privacy law club. Five of these -Delaware, Iowa, Nebraska, New Hampshire,...more
Montana’s privacy law has received a refresh and updates will go into effect October 1, 2025 – exactly one year since the law took effect. The law was modified with SB 297, and changes include coverage, approach with minors,...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
6/17/2025
/ Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
New Legislation ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
State Privacy Laws
Nebraska’s governor signed a bill into law that, among other things, creates the Parental Rights in Social Media Act. The provisions of the law will go into effect July 1, 2026, unless challenged. The law is similar to...more
Virginia’s governor recently signed into law a bill that amends the Virginia Consumer Data Protection Act. As revised, the law will include specific provisions impacting children’s use of social media. Unless contested, the...more
5/16/2025
/ Children's Online Games ,
Data Protection ,
New Legislation ,
Online Safety for Children ,
Parental Consent ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Requirements ,
Social Media ,
State Privacy Laws ,
Virginia
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more
4/15/2025
/ Certifications ,
Compliance ,
Cybersecurity ,
Data Security ,
Filing Deadlines ,
Information Security ,
Insurance Industry ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
The Virginia law, like the Colorado Act, would have imposed various obligations on companies involved in the creation or deployment of high-risk AI systems that influence significant decisions about individuals in areas such...more
3/31/2025
/ Algorithms ,
Artificial Intelligence ,
New Legislation ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
State and Local Government ,
State Legislatures ,
State Privacy Laws ,
Technology ,
Texas ,
Virginia
Utah’s governor recently signed the first law which puts age restrictions on app downloads. The law (the App Store Accountability Act, SB 142), was signed yesterday (Wednesday, April 26, 2025). We anticipate that the law may...more
Oregon’s Attorney General released a new report this month, summarizing the outcomes since Oregon’s “comprehensive” privacy law took effect six months ago. A six-month report isn’t new: Connecticut released a six month report...more
The California privacy regulator recently settled with a data broker (Key Marketing Advantage LLC) that it alleged had violated the state’s data broker law. Under the Delete Act, data brokers must, among other things,...more
At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more
1/29/2025
/ Artificial Intelligence ,
Bots ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Enforcement Actions ,
EU ,
General Data Protection Regulation (GDPR) ,
Italy ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements
In the fifth in our series of California developments, we turn to data broker obligations. There are two of note. First, the California privacy agency is moving forward Delete Act regulations it proposed earlier this year....more
The FTC updated its Negative Option Rule last month and gave it a new name to emphasize the expanded scope of programs to which it applies. It will now be the “Rule Concerning Recurring Subscriptions and Other Negative Option...more
As we enter the end of the summer, the AI regulatory steam is not slowing down. Colorado is now the first US state to have a comprehensive AI law (going into effect February 1, 2026), and the EU published its sweeping AI law...more
8/14/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Colorado ,
Computer Programmers ,
Enforcement ,
EU ,
General Data Protection Regulation (GDPR) ,
Innovative Technology ,
Machine Learning ,
New Legislation ,
Non-Discrimination Rules ,
Popular ,
Regulatory Reform ,
Regulatory Requirements ,
Risk Management ,
Software Developers
Minnesota’s governor has now signed into law that state’s comprehensive privacy law. For those keeping count – that is number 19 of state “comprehensive” privacy laws, with six in 2024 alone. The Minnesota law will go into...more
6/10/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Protection ,
Legislative Agendas ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Popular ,
Privacy Laws ,
Recordkeeping Requirements ,
Regulatory Requirements ,
Sensitive Business Information ,
State Privacy Laws
Maryland’s new comprehensive data privacy law, the Maryland Online Data Privacy Act, was recently signed into law by Governor Moore. This brings the total number of state “comprehensive” privacy laws to 18, five of which have...more
5/21/2024
/ Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Legislative Agendas ,
New Legislation ,
Personal Data ,
Privacy Laws ,
Regulatory Requirements ,
State and Local Government ,
State Legislatures ,
State Privacy Laws