AI Cybersecurity & Privacy

Your AI Therapist May Need a Lawyer: Pennsylvania Brings Suit Against Chatbot Developer

May 14, 2026 By Jennifer Everett, Sean Sullivan, Jennifer Pike, Sara Pullen and Jonathan Jagoda

Our Health Care Group investigates a lawsuit against Character.AI that raises legal risks for AI platforms presenting themselves as licensed professionals and signals tightening regulatory scrutiny. AI chatbot developers could face regulatory action, private lawsuits, and reputational harm if bots imply professional credentials or offer regulated advice Federal and state authorities are increasing scrutiny of chatbot […]

The Era of AI-Driven Data Breaches Has Arrived

May 13, 2026 By Amanda Wellen, Ashley Miller and Donald Houser

A recent lawsuit signals the rapid convergence of issues relating to artificial intelligence, vendor‑managed platforms, and individual arbitration in the data breach ecosystem. In Woodard v. OpenAI, Inc. & Mixpanel, Inc., Case No. 3:25-cv-10301 in the Northern District of California, Plaintiffs alleged that Mixpanel uses artificial intelligence technologies developed by OpenAI to collect user data. […]

Your AI Scribe May Be Taking Notes (and Plaintiffs Are Too)

April 27, 2026 By Daniel Felz, Jennifer Everett, Jennifer Pike and Sara Pullen

On April 7, 2026, several plaintiffs (“Plaintiffs”) filed a putative class action complaint in the Northern District of California against Sutter Health, Memorial Health Services Inc. and Memorial Care Medical Foundation (the “Providers”). The complaint alleges the Providers illegally recorded Plaintiffs’ confidential medical information by using an AI-powered “ambient clinical documentation” tool to record clinician-patient […]

The World Data Organization: A New Player in Global Data Governance – What Businesses Need to Know

April 23, 2026 By Daniel Felz and Yin Tydir

On March 30, 2026, the World Data Organization (WDO) was officially launched in Beijing. The WDO describes itself as a non-governmental, non-profit organization headquartered in Beijing, with a stated mission of “bridging the data divide, unlocking data’s value, and powering the digital economy.” The WDO is a China-headquartered effort to address a governance gap: while […]

Secure Connectivity for Operational Technology—UK NCSC Publishes New Guidance

April 21, 2026 By Hanna Hewitt, Kelly Hagedorn and Paul Greaves

The UK National Cyber Security Centre (NCSC) published guidance to help organisations design, secure, and manage Operational Technology (OT) environments. It sets out eight core principles to improve resilience, reduce exposure, and support secure architectural decision‑making. The NCSC positions these as goals rather than minimum requirements, and operators of essential services (including those within scope […]