Effective January 1, 2026, new legislation in California and Oklahoma will introduce important updates to each state’s breach notification requirements. These changes may significantly impact breach response obligations for businesses operating in or handling data related to residents of these states. Below is a summary of the key provisions under each law. California – Senate […]
Data Protection
California Enacts Digital Age Verification Law
On October 13, 2025, California Governor Gavin Newsom signed Assembly Bill 1043, the Digital Age Assurance Act (Act), into law. Effective January 1, 2027, the Act introduces a device-based age verification system designed to create safer digital environments for children under 18. The Act underscores a trend of state laws that require age verification or […]
Unlocking the MIND Act: The Senate To Take on the Challenge of Neurotechnology
On September 24, 2025, Ranking Member Cantwell (D-Wash.), Leader Schumer (D-NY), and Senator Markey (D-Mass.) announced they will introduce the “Management of Individuals’ Neural Data Act of 2025” (“MIND Act”). If enacted, the MIND Act will direct the Federal Trade Commission (“FTC”) to conduct a comprehensive study and report on the collection, processing, storage, sale, […]
California Finalizes New and Amended CCPA Regulations
On September 23, 2025, the California Privacy Protection Agency (“CPPA”) announced that the California Office of Administrative Law (“OAL”) had approved the new and amended California Consumer Privacy Act regulations that the CPPA delivered to OAL for approval following the CPPA’s July 24, 2025 Board meeting. This was the last step under California law to […]
Chilean Regulator Launches Public Consultation on New Cybersecurity Law
On 16 September 2025, the Chilean Cybersecurity Agency (Agencia Nacional de Ciberseguridad, ‘ANCI’) launched a public consultation on its provisional list of companies that may be classified as ‘operators of vital importance’ (Operadores de Importancia Vital, ‘OVI’) under the recently enacted Chilean Cybersecurity Law (Ley Marco de Ciberseguridad No. 21.663, ‘LMC’). This list (available online […]