On February 25, 2026, the Federal Trade Commission (“FTC”) issued an enforcement policy statement announcing that the Commission will not bring enforcement actions under the Children's Online Privacy Protection Act ("COPPA") Rule against operators of … [Read more] about The FTC’s COPPA Policy Statement to Incentivize Age Verification Through a More Flexible Enforcement Approach
Two months after the New York Department of Financial Services (“NYDFS”) updated its Frequently Asked Questions (“FAQs”), which we wrote about here, NYDFS has released updated FAQs on multifactor authentication (“MFA”) that further clarify 23 NYCRR § … [Read more] about NYDFS Revises Prescriptive FAQs on Multifactor Authentication
Google Threat Intelligence Group (GTIG) recently reported that cybercriminals—in particular, state-sponsored threat actors from North Korea, Iran, China, and Russia—are misusing Gemini, Google’s large language model (LLM), to support all stages of … [Read more] about Threat Actors Exploit Google’s Gemini to Accelerate Cyberattacks
Almost two years after seeking stakeholder input about a final rule under the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), the Cybersecurity and Infrastructure Security Agency (CISA) announced that it will hold virtual … [Read more] about CISA Revives CIRCIA Rulemaking
On February 13, 2026, a putative class filed a Complaint in the U.S. District Court for the Northern District of Illinois alleging that Tempus AI, Inc. (“Tempus AI”) violated the Illinois Genetic Information Privacy Act (410 ILCS 513/1 et seq., … [Read more] about Genetic Goldmine or Legal Landmine? Tempus AI Confronts GIPA Exposure