Privacy & Cybersecurity Litigation

FTC Targets EdTech Data Practices in Final Order Following Major Student Data Breach

June 18, 2026 By Maki DePalo, Jennifer Everett, Yin Tydir and Lili Song

On June 5, 2026, the Federal Trade Commission (“FTC”) gave final approval to a modified consent order against Illuminate Education, Inc. (“EdTech Provider”), a K-12 software vendor, settling allegations that the EdTech Provider did not adequately protect the personal data of more than 10 million students. The action — which follows a public comment period […]

Produce the Prompts: A Court Says Expert AI Inputs Are Fair Game in Discovery

May 27, 2026 By Donald Houser, Gavin Reinke, Ashley Miller and Amanda Wellen

A federal court just delivered one of the clearest messages yet on AI in litigation: if an expert used AI to do the work, the prompts may be discoverable. In Conservation Law Foundation, Inc. v. Shell Oil Company et al., Magistrate Judge Thomas O. Farrish ordered the Plaintiff to produce the prompts its expert used […]

Colorado Replaces Landmark AI Act—Creating New Trails for AI Rules and Private AI Litigation

May 14, 2026 By Daniel Felz, Cynthia Cole and Anna von Spakovsky

On May 12, 2026, the Colorado legislature passed SB 26-189, which repeals and replaces its landmark Artificial Intelligence Act. Colorado is doing away with the concept of “algorithmic discrimination” and moving instead to a notice- and disclosure-based regime focused on automated decision-making. This time, it does so without a carve-out for deployers who are small […]

Your AI Therapist May Need a Lawyer: Pennsylvania Brings Suit Against Chatbot Developer

May 14, 2026 By Jennifer Everett, Sean Sullivan, Jennifer Pike, Sara Pullen and Jonathan Jagoda

Our Health Care Group investigates a lawsuit against Character.AI that raises legal risks for AI platforms presenting themselves as licensed professionals and signals tightening regulatory scrutiny. AI chatbot developers could face regulatory action, private lawsuits, and reputational harm if bots imply professional credentials or offer regulated advice Federal and state authorities are increasing scrutiny of chatbot […]

The Era of AI-Driven Data Breaches Has Arrived

May 13, 2026 By Amanda Wellen, Ashley Miller and Donald Houser

A recent lawsuit signals the rapid convergence of issues relating to artificial intelligence, vendor‑managed platforms, and individual arbitration in the data breach ecosystem. In Woodard v. OpenAI, Inc. & Mixpanel, Inc., Case No. 3:25-cv-10301 in the Northern District of California, Plaintiffs alleged that Mixpanel uses artificial intelligence technologies developed by OpenAI to collect user data. […]