David Keating

About David Keating

David Keating focuses his practice on matters involving technology and data and co-leads the Privacy, Cyber & Data Strategy Team. He has advised clients on privacy and security issues arising along the entire data lifecycle for more than 20 years. He assists clients with compliance strategies, policy development and implementation, data monetization and data use analyses, new product development, privacy and security issues in transactions, and privacy enforcement matters.

[Read Bio]

California Jumps into AI Procurement with State Governing Principles in an Executive Order

April 1, 2026 By David Keating, Cynthia Cole, Daniel Felz and Santi Villar

On March 30, 2026, California Governor Gavin Newsom signed Executive Order N-5-26 (the “Order”), aimed at governing the responsible procurement and deployment of Generative Artificial Intelligence (“GenAI”) across California’s state government. The Order builds on the foundation laid by Executive Order N-12-23, issued in September 2023, by directing a series of actions across multiple state […]

Texas Court Blocks Smart TV Data Collection

January 5, 2026 By Jennifer Everett, David Keating and Lili Song

A Texas state court has issued a temporary restraining order (“TRO”) blocking Hisense, a major Chinese smart TV manufacturer, from collecting data on the content viewers watch via Automatic Content Recognition (“ACR”) technology. Background The TRO follows lawsuits that Texas Attorney General (“AG”) Ken Paxton filed on December 15, 2025, against Hisense and four other […]

California AG Announces $1.4 Million Settlement with Mobile App Provider for Alleged CCPA Violations

December 1, 2025 By Maki DePalo, David Keating and Hyun Jai Oh

On November 21, 2025, California Attorney General (AG) Rob Bonta announced a $1.4 million settlement with Jam City, Inc. (company), a mobile game app company, for alleged failures to enable in-app opt-outs from the sale and sharing of personal information across many of the company’s mobile apps as required by the California Consumer Privacy Act […]

California Finalizes New and Amended CCPA Regulations

September 24, 2025 By David Keating, Dorian Simmons and Anna von Spakovsky

On September 23, 2025, the California Privacy Protection Agency (“CPPA”) announced that the California Office of Administrative Law (“OAL”) had approved the new and amended California Consumer Privacy Act regulations that the CPPA delivered to OAL for approval following the CPPA’s July 24, 2025 Board meeting. This was the last step under California law to […]

Multistate Privacy Investigative Sweep Targeting Website Global Privacy Control (GPC) Noncompliance

September 10, 2025 By David Keating, Daniel Felz and Hyun Jai Oh

On September 9, 2025, the California Privacy Protection Agency (CPPA) announced a joint investigation sweep targeting businesses that may be failing to honor consumers’ opt-out requests submitted via Global Privacy Control (GPC) signals, in coordination with the Attorneys General of California, Colorado, and Connecticut. The CPPA’s announcement underscores a growing trend of multi-jurisdictional collaboration among […]