Privacy & Cyber Regulatory Enforcement

One Federal Privacy Bill to Rule Them All?

April 29, 2026 By Jennifer Everett, Jennifer Pike and Sara Pullen

On April 21, 2026, Republican lawmakers on the House Energy & Commerce Committee, including Congressman Brett Guthrie and Congressman John Joyce, M.D., Leader of the Energy and Commerce Data Privacy Working Group, introduced the “Securing and Establishing Consumer Uniform Rights and Enforcement over Data Act”, the SECURE Data Act (the “Act”). The Act is designed […]

Challenge to Utah’s App Store Accountability Act Voluntarily Dismissed Following Statutory Amendments

April 27, 2026 By Maki DePalo and Hyun Jai Oh

On April 21, 2026, the Computer & Communications Industry Association (trade association) voluntarily dismissed its constitutional challenge to the Utah App Store Accountability Act (ASAA). The dismissal follows statutory amendments enacted earlier this year that removed the Utah Attorney General’s (AG) authority to enforce the law. This sequence of events underscores the increasingly complex and […]

Britain’s Financial Regulators Raise the Bar on Cyber Reporting and Resilience

April 20, 2026 By Kelly Hagedorn and Kristen Bartolotta

Cyber risk has shifted from a technical issue to a systemic one and Britain’s financial regulators are making that reality unmistakably clear. On March 18, 2026, the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and Bank of England announced a new, unified cyber and operational resilience framework that strengthens the requirements on how firms […]

“Show Your Work, AI”: Congress Pushes for AI Model Transparency

April 8, 2026 By Cynthia Cole, John Lesko and Sara Pullen

On March 26, 2026, a bipartisan group of U.S. lawmakers introduced H.R. 8094, titled the “AI Foundation Model Transparency Act of 2026” (“AI FMTA”). At its core, the AI FMTA would require developers of certain large AI Models, like ChatGPT or Claude, to publicly disclose key information about how the models are trained, what the […]

Key AI, Cybersecurity, and Privacy Takeaways from the NAIC 2026 Spring Meeting

April 1, 2026 By Dorian Simmons

From March 22–25, the National Association of Insurance Commissioners (“NAIC”) held its 2026 Spring National Meeting in San Diego, California. During the meeting, the Innovation, Cybersecurity, and Technology Committee, along with its working groups on Third-Party Data and Models, Big Data and Artificial Intelligence, and Cybersecurity, addressed key developments regarding oversight of third-party data and […]