On September 1, 2025, the amendments to the Texas Data Broker Act (the Act) became effective. The Act, which originally came into effect on September 1, 2023, defines “data brokers” as business entities that derive their principal source of revenue … [Read more] about Texas Expands Data Broker Act Requirements
On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the United States Department of Defense Cyber Crime Center (DC3) … [Read more] about United States, International Coalition Issue Joint Warning of Increasing PRC Backed Threat Activity
The Cybersecurity and Infrastructure Security Agency (CISA) has extended the deadline for it to issue final rules about mandatory incident reporting for critical infrastructure entities. The original deadline of October 2025 was pushed by six months … [Read more] about CISA Gives Itself an Extension for Cyber Incident Reporting Rules
On August 28, 2025, Colorado Governor Jared Polis signed Senate Bill 25B-004 (Bill) into law, extending the compliance deadline of the Colorado Artificial Intelligence Act (CAIA) from February 1, 2026, to June 30, 2026. The Bill does not alter the … [Read more] about Compliance Deadline for Colorado AI Act Delayed Until June 30, 2026
On September 9, 2025, the California Privacy Protection Agency (CPPA) announced a joint investigation sweep targeting businesses that may be failing to honor consumers’ opt-out requests submitted via Global Privacy Control (GPC) signals, in … [Read more] about Multistate Privacy Investigative Sweep Targeting Website Global Privacy Control (GPC) Noncompliance