Effective January 1, 2026, new legislation in California and Oklahoma will introduce important updates to each state’s breach notification requirements. These changes may significantly impact breach response obligations for businesses operating in or … [Read more] about Key Breach Notification Updates in California and Oklahoma for 2026
On October 13, 2025, California Governor Gavin Newsom signed Assembly Bill 1043, the Digital Age Assurance Act (Act), into law. Effective January 1, 2027, the Act introduces a device-based age verification system designed to create safer digital … [Read more] about California Enacts Digital Age Verification Law
The day before the recent federal government shutdown, a ten-year old cybersecurity law expired before it could be reauthorized. The Cybersecurity Information Sharing Act of 2015 (“CISA”) provided a mechanism for private companies to share … [Read more] about Government Shutdown Creates Lapse in Cyber Threat Information Sharing
On October 15, 2025, the UK’s Information Commissioner’s Office (ICO) fined Capita plc and Capita Pension Solutions Limited (collectively “Capita”) £14 million (~$18.8 million) for failing to implement adequate security measures to protect the … [Read more] about UK Data Protection Regulator Fines Capita ~$18.8 Million Following a Ransomware Attack
On September 29, 2025, the Federal Trade Commission (FTC) announced a legal action against the operator of the anonymous messaging app Sendit and its CEO for violations of multiple consumer protection and privacy laws. The complaint, filed in the … [Read more] about FTC Cracks Down on Messaging App Operator on Child Data Exploitation