Privacy & Cyber Regulatory Enforcement

Louisiana Delays App Store Accountability Effective Date to July 2027

May 27, 2026 By Maki DePalo, Daniel Felz and Hyun Jai Oh

On May 15, 2026, the Louisiana Governor signed HB 977 (Bill) into law, delaying the effective date of the Louisiana App Store Accountability Act (ASAA) by one year, to July 1, 2027. The amendments to the Louisiana ASAA come amid ongoing First Amendment challenges to similar laws in other states, and resemble recent developments in […]

NYDFS Issues Frontier AI Advisory and Guidance for Heightened Cyber Threat Environment

May 26, 2026 By Kim Peretti, Ashley Miller, Lance Taubin and Taylor Veracka

On May 21, 2026, the New York Department of Financial Services (“NYDFS”) issued two Industry Letters to the organizations it regulates (“Regulated Entities”): “Heightened Cybersecurity Risks Associated with Frontier AI Models” (the “Advisory”) and “Guidance on Measures Regulated Entities Should Consider in a Heightened Cybersecurity Threat Environment” (the “Guidance”) (collectively, the “Letters”). The Letters discuss […]

May Flowers Bring Fresh Insight from CalPrivacy

May 19, 2026 By Cynthia Cole and John Lesko

Increased scrutiny of data brokers, rapid scaling of enforcement operations and active opposition to federal privacy preemption are in bloom in the Golden State. On May 1, 2026, the California Privacy Protection Agency (the “Agency”) Board (the “Board”) held a public meeting to review and discuss enforcement activities, legislative developments, and international data transfer issues. […]

Colorado Replaces Landmark AI Act—Creating New Trails for AI Rules and Private AI Litigation

May 14, 2026 By Daniel Felz, Cynthia Cole and Anna von Spakovsky

On May 12, 2026, the Colorado legislature passed SB 26-189, which repeals and replaces its landmark Artificial Intelligence Act. Colorado is doing away with the concept of “algorithmic discrimination” and moving instead to a notice- and disclosure-based regime focused on automated decision-making. This time, it does so without a carve-out for deployers who are small […]

Your AI Therapist May Need a Lawyer: Pennsylvania Brings Suit Against Chatbot Developer

May 14, 2026 By Jennifer Everett, Sean Sullivan, Jennifer Pike, Sara Pullen and Jonathan Jagoda

Our Health Care Group investigates a lawsuit against Character.AI that raises legal risks for AI platforms presenting themselves as licensed professionals and signals tightening regulatory scrutiny. AI chatbot developers could face regulatory action, private lawsuits, and reputational harm if bots imply professional credentials or offer regulated advice Federal and state authorities are increasing scrutiny of chatbot […]