Alston & Bird Privacy, Cyber & Data Strategy Blog

Jennifer Everett

Jennifer Everett

About Jennifer Everett

Jennifer Everett focuses on regulatory compliance, enforcement, and transactions in data privacy, cybersecurity, health care, and emerging technologies. Jennifer offers strategic guidance to public and private companies across several sectors, including life sciences and health technology, when navigating state, federal, and international privacy regulations.

[Read Bio]

New York Regulates Large Artificial Intelligence Models

By , , , and

On December 19, 2025, just eight days after President Trump issued an executive order titled “Ensuring a National Policy Framework for Artificial Intelligence” to challenge burdensome state laws that regulate artificial intelligence (the “December 2025 EO”), New York Governor Kathy Hochul signed the Responsible Artificial Intelligence (“AI”) Safety and Education Act (the “RAISE Act”). The […]

Texas Court Blocks Smart TV Data Collection

By , and

A Texas state court has issued a temporary restraining order  (“TRO”) blocking Hisense, a major Chinese smart TV manufacturer, from collecting data on the content viewers watch via Automatic Content Recognition (“ACR”) technology. Background The TRO follows lawsuits that Texas Attorney General (“AG”) Ken Paxton filed on December 15, 2025, against Hisense and four other […]

HIPAA Security Rule: Still on Track for Finalization

By , , and

Since the HHS Office for Civil Rights’ (OCR) publication of a proposed rule to overhaul the HIPAA Security Rule in January 2025, many in the health care and privacy community have wondered whether the rule would quietly fade away. Some even hoped it might be “dead in the water.” However, despite sharp criticisms and industry […]

FTC Cracks Down on Messaging App Operator on Child Data Exploitation

By , , , and

On September 29, 2025, the Federal Trade Commission (FTC) announced a legal action against the operator of the anonymous messaging app Sendit and its CEO for violations of multiple consumer protection and privacy laws. The complaint, filed in the United States District Court for the Central District of California by the Department of Justice at […]

Microsoft Announces Two New On-Premises SharePoint Vulnerabilities

By , and

  Introduction On July 19, 2025, Microsoft announced two new vulnerabilities that are actively being exploited (CVE-2025-49704 and CVE-2025-49706) and that relate to on-premises Microsoft SharePoint instances that are exposed to the internet. CVE-2025-49704 is a remote code execution (RCE) vulnerability, which allows an attacker to run malicious code on a target system. CVE-2025-49706 is […]