Artificial Intelligence (AI)

How to Comply with the EU AI Act: Guidance from the Spanish AI Regulator

December 15, 2025 By Alice Portnoy and Wim Nauwelaerts

On December 10, the Spanish supervisory authority for the EU AI Act (Agencia Española de Supervisión de Inteligencia Artificial, or AESIA) published a set of 16 detailed guidelines and non-binding checklists (available online here in Spanish) designed to help companies navigate their obligations under the AI Act, which entered into force in August 2024. The […]

Unlocking the MIND Act: The Senate To Take on the Challenge of Neurotechnology

September 25, 2025 By Sara Pullen

On September 24, 2025, Ranking Member Cantwell (D-Wash.), Leader Schumer (D-NY), and Senator Markey (D-Mass.) announced they will introduce the “Management of Individuals’ Neural Data Act of 2025” (“MIND Act”). If enacted, the MIND Act will direct the Federal Trade Commission (“FTC”) to conduct a comprehensive study and report on the collection, processing, storage, sale, […]

California Finalizes New and Amended CCPA Regulations

September 24, 2025 By David Keating, Dorian Simmons and Anna von Spakovsky

On September 23, 2025, the California Privacy Protection Agency (“CPPA”) announced that the California Office of Administrative Law (“OAL”) had approved the new and amended California Consumer Privacy Act regulations that the CPPA delivered to OAL for approval following the CPPA’s July 24, 2025 Board meeting. This was the last step under California law to […]

Compliance Deadline for Colorado AI Act Delayed Until June 30, 2026

September 10, 2025 By Maki DePalo and Hyun Jai Oh

On August 28, 2025, Colorado Governor Jared Polis signed Senate Bill 25B-004 (Bill) into law, extending the compliance deadline of the Colorado Artificial Intelligence Act (CAIA) from February 1, 2026, to June 30, 2026. The Bill does not alter the CAIA’s substantive requirements. But it remains uncertain whether the Colorado legislature will introduce further amendments […]

CPPA Board Votes to Adopt CCPA Regulations; Open DROP Rules to Public Comment

July 25, 2025 By Dorian Simmons

On July 24, 2025, the California Privacy Protection Agency (“CPPA”) Board voted to adopt draft regulations under the California Consumer Privacy Act (“CCPA”) concerning cybersecurity audits, risk assessments, automated decisionmaking technologies, and the CCPA’s application to insurance companies. The approved regulations also include certain updates to the existing CCPA regulations. The CPPA will now submit […]