Privacy & Cyber Regulatory Enforcement

Congress Seeks Comments on Comprehensive Federal Data Privacy Law

February 25, 2025 By Jennifer Pike, Jennifer Everett and Kate Hanniford

Since the first comprehensive state data privacy law went into effect in California in 2020, 18 other states have enacted comprehensive data privacy laws, with 14 others currently moving through their respective state legislative process. The proliferation of such state laws is happening at a breakneck pace, and leaving in their wake regulated entities who […]

UK Government Proposes Targeted Ban on Ransom Payments and Increased Ransomware Incident Reporting

February 5, 2025 By Kelly Hagedorn and Kristen Bartolotta

On January 14, 2025, the United Kingdom government published a consultation on ransomware proposing new measures to increase incident reporting and reduce ransom payments (the “Consultation”). The Consultation outlines three objectives in this regard and is open for responses until April 8, 2025. Proposal 1: Targeted Ban on Ransomware Payments The UK government is proposing […]

State AGs Publish Guidance on How State Laws Apply to AI

February 3, 2025 By Daniel Felz, Jennifer Everett, Alex Brown and Dorian Simmons

On December 24, 2024 and January 13, 2025, the Oregon Attorney General’s Office and the California Attorney General’s Office published advisories (collectively, “Advisories”) explaining how existing statutes may be used to regulate, investigate and enforce against artificial intelligence (“AI”). These Advisories serve to remind AI developers, suppliers and users of heightened regulatory scrutiny of AI, […]

Last Minute Biden Cybersecurity and Artificial Intelligence Executive Orders Survive Initial Trump Revocations

January 25, 2025 By Kim Peretti, Kate Hanniford, Daniel Felz, Alysa Austin and Andrew Rice

In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The first, issued on January 14, 2025, is an “Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “AI Infrastructure Order”). […]

Texas AG Files Complaint Against Major Insurance Company Regarding Data Practices

January 21, 2025 By Jennifer Everett, Kate Hanniford and Carson Kuck

The Texas Office of the Attorney General recently has become increasingly interested in the practices of organizations who collect and utilize consumer data. On January 13, 2025, the Attorney General of Texas, Ken Paxton, (the “Texas AG”) filed a complaint (the “Complaint”) against a large insurance entity and its subsidiary company (“Defendants”). The Complaint outlines […]