As 2025 drew to a close, the United States Department of Justice (DOJ) announced significant developments in cases relating to the allegedly deficient cybersecurity practices of two Department of Defense (DoD) contractors. These two cases suggest … [Read more] about DOJ Cybersecurity Enforcement Pace Shows No Signs of Slowing Down Going Into 2026
Earlier this month, the Spanish Data Protection Authority (Agencia Española de Protección de Datos, or AEPD) issued new guidance on the privacy and data protection risks associated with uploading images or photos - whether directly or indirectly … [Read more] about Spanish DPA Highlights Privacy Risks in GenAI Content Creation
A Texas state court has issued a temporary restraining order (“TRO”) blocking Hisense, a major Chinese smart TV manufacturer, from collecting data on the content viewers watch via Automatic Content Recognition (“ACR”) technology. Background The … [Read more] about Texas Court Blocks Smart TV Data Collection
The New York Department of Financial Services (NYDFS) has released a new set of Frequently Asked Questions (FAQs 18–23) under 23 NYCRR Part 500, reinforcing its position that multifactor authentication (MFA) remains a critical component of a covered … [Read more] about NYDFS Releases New Prescriptive FAQs on MFA
On December 10, the Spanish supervisory authority for the EU AI Act (Agencia Española de Supervisión de Inteligencia Artificial, or AESIA) published a set of 16 detailed guidelines and non-binding checklists (available online here in Spanish) … [Read more] about How to Comply with the EU AI Act: Guidance from the Spanish AI Regulator