On 18 February 2026, the Spanish Data Protection Authority (Agencia Española de Protección de Datos or ‘AEPD’) published an 81‑page guidance document on the privacy aspects of AI systems operating as agents – commonly referred to as ‘agentic AI’. The guidance is aimed at companies that process personal data under the EU General Data Protection […]
AI Cybersecurity & Privacy
Federal Court Rules using AI Tools can Waive Privilege, Even if Privileged Information is Input into Them
On February 10, 2026, the U. S. District Court for the Southern District of New York held that a criminal defendant could not claim attorney-client privilege over documents he produced using a commercially available artificial intelligence (“AI”) tool – even though he had input privileged information from his lawyers into the tool. This case is […]
California Attorney General Announces Investigative Sweep into “Surveillance Pricing”
On January 28, 2026, California Attorney General (“AG”) Rob Bonta announced an investigative sweep targeting “surveillance pricing” practices among businesses in the retail, grocery, and hotel sectors. The investigation focuses on companies that use consumers’ personal information to set individualized prices. According to the AG’s press release, surveillance pricing practices could violate the California Consumer […]
New York Regulates Large Artificial Intelligence Models
On December 19, 2025, just eight days after President Trump issued an executive order titled “Ensuring a National Policy Framework for Artificial Intelligence” to challenge burdensome state laws that regulate artificial intelligence (the “December 2025 EO”), New York Governor Kathy Hochul signed the Responsible Artificial Intelligence (“AI”) Safety and Education Act (the “RAISE Act”). The […]
Spanish DPA Highlights Privacy Risks in GenAI Content Creation
Earlier this month, the Spanish Data Protection Authority (Agencia Española de Protección de Datos, or AEPD) issued new guidance on the privacy and data protection risks associated with uploading images or photos – whether directly or indirectly identifying individuals – into generative AI tools. The guidance is particularly focused on situations where those images are […]