AI Cybersecurity & Privacy

The Trump Administration’s AI Framework: Key Federal Policy Priorities and Legislative Recommendations

March 27, 2026 By Daniel Felz, Cynthia Cole and John Lesko

On March 20, 2026, the Trump Administration released its National Policy Framework for Artificial Intelligence (“AI Framework”), a legislative recommendation document intended to guide Congress in establishing a unified federal approach to artificial intelligence (“AI”) governance. The White House’s new AI Framework follows closely behind Senator Marsha Blackburn’s March 18, 2026, legislative discussion draft (“AI […]

U.S. Senator Marsha Blackburn Proposes National AI Legislative Framework

March 23, 2026 By Daniel Felz and John Lesko

On March 18, 2026, U.S. Senator Marsha Blackburn issued an artificial intelligence (“AI”) legislative framework discussion draft (“AI Discussion Draft”) titled the “Trump America AI Act.” According to Senator Blackburn, this intends to codify President Trump’s December 11, 2025, executive order for establishing a uniform federal AI policy. Senator Blackburn stated, “[President Trump] called on […]

CalPrivacy Seeks Input on Reducing Friction in Privacy Rights Experience and Challenges with Opt-Out Preference Signals

March 16, 2026 By Maki DePalo and Hyun Jai Oh

On March 6, 2026, the California Privacy Protection Agency (CalPrivacy) published an Invitation for Preliminary Comments seeking public input on whether regulatory changes are needed in two related areas under the California Consumer Privacy Act (CCPA): (1) reducing friction in exercising privacy rights ; and (2) the operation and use of opt-out preference signals (OOPS). […]

Threat Actors Exploit Google’s Gemini to Accelerate Cyberattacks

March 3, 2026 By Seol Namgoong and Kim Peretti

Google Threat Intelligence Group (GTIG) recently reported that cybercriminals—in particular, state-sponsored threat actors from North Korea, Iran, China, and Russia—are misusing Gemini, Google’s large language model (LLM), to support all stages of their attack lifecycle. Specifically, GTIG observed threat actors using Gemini to code and script tasks, accelerate reconnaissance, research publicly known vulnerabilities, and enable […]

Spanish DPA Releases Agentic AI Guidance

February 23, 2026 By Alice Portnoy and Wim Nauwelaerts

On 18 February 2026, the Spanish Data Protection Authority (Agencia Española de Protección de Datos or ‘AEPD’) published an 81‑page guidance document on the privacy aspects of AI systems operating as agents – commonly referred to as ‘agentic AI’. The guidance is aimed at companies that process personal data under the EU General Data Protection […]