Alston & Bird Privacy, Cyber & Data Strategy Blog

“Show Your Work, AI”: Congress Pushes for AI Model Transparency

April 8, 2026 By Cynthia Cole, John Lesko and Sara Pullen

On March 26, 2026, a bipartisan group of U.S. lawmakers introduced H.R. 8094, titled the “AI Foundation Model Transparency Act of 2026” (“AI FMTA”). At its core, the AI FMTA would require developers of certain large AI Models, like ChatGPT or Claude, to publicly disclose key information about how the models are trained, what the models are designed to do, where the limitations and risks lie, and how the models are evaluated and monitored. To be clear, the purpose is to provide the public with … [Read more] about “Show Your Work, AI”: Congress Pushes for AI Model Transparency

Key AI, Cybersecurity, and Privacy Takeaways from the NAIC 2026 Spring Meeting

April 1, 2026 By Dorian Simmons

From March 22–25, the National Association of Insurance Commissioners (“NAIC”) held its 2026 Spring National Meeting in San Diego, California. During the meeting, the Innovation, Cybersecurity, and Technology Committee, along with its working groups … [Read more] about Key AI, Cybersecurity, and Privacy Takeaways from the NAIC 2026 Spring Meeting

California Jumps into AI Procurement with State Governing Principles in an Executive Order

April 1, 2026 By David Keating, Cynthia Cole, Daniel Felz and Santi Villar

On March 30, 2026, California Governor Gavin Newsom signed Executive Order N-5-26 (the “Order”), aimed at governing the responsible procurement and deployment of Generative Artificial Intelligence ("GenAI") across California's state government. The … [Read more] about California Jumps into AI Procurement with State Governing Principles in an Executive Order

Connecticut Proposes Mandatory Forensic Investigation and Reporting for Large Scale Data Breaches

March 31, 2026 By Kim Peretti and Alysa Austin

Connecticut lawmakers have introduced legislation that, if enacted, would significantly expand breach-response obligations for organizations affected by large-scale cybersecurity incidents. As proposed, Raised Senate Bill 117 (SB 117), would create a … [Read more] about Connecticut Proposes Mandatory Forensic Investigation and Reporting for Large Scale Data Breaches

CISA Warns Organizations to Harden Endpoint Management Systems Following Cyberattack on Stryker Corporation

March 31, 2026 By Kim Peretti and Andrew Rice

On March 18, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert (the Alert) urging U.S. organizations to harden their endpoint management systems following the March 11, 2026 cyberattack against medical technology firm … [Read more] about CISA Warns Organizations to Harden Endpoint Management Systems Following Cyberattack on Stryker Corporation