Data Protection

Your AI Therapist May Need a Lawyer: Pennsylvania Brings Suit Against Chatbot Developer

May 14, 2026 By Jennifer Everett, Sean Sullivan, Jennifer Pike, Sara Pullen and Jonathan Jagoda

Our Health Care Group investigates a lawsuit against Character.AI that raises legal risks for AI platforms presenting themselves as licensed professionals and signals tightening regulatory scrutiny. AI chatbot developers could face regulatory action, private lawsuits, and reputational harm if bots imply professional credentials or offer regulated advice Federal and state authorities are increasing scrutiny of chatbot […]

The Era of AI-Driven Data Breaches Has Arrived

May 13, 2026 By Amanda Wellen, Ashley Miller and Donald Houser

A recent lawsuit signals the rapid convergence of issues relating to artificial intelligence, vendor‑managed platforms, and individual arbitration in the data breach ecosystem. In Woodard v. OpenAI, Inc. & Mixpanel, Inc., Case No. 3:25-cv-10301 in the Northern District of California, Plaintiffs alleged that Mixpanel uses artificial intelligence technologies developed by OpenAI to collect user data. […]

Challenge to Utah’s App Store Accountability Act Voluntarily Dismissed Following Statutory Amendments

April 27, 2026 By Maki DePalo and Hyun Jai Oh

On April 21, 2026, the Computer & Communications Industry Association (trade association) voluntarily dismissed its constitutional challenge to the Utah App Store Accountability Act (ASAA). The dismissal follows statutory amendments enacted earlier this year that removed the Utah Attorney General’s (AG) authority to enforce the law. This sequence of events underscores the increasingly complex and […]

The World Data Organization: A New Player in Global Data Governance – What Businesses Need to Know

April 23, 2026 By Daniel Felz and Yin Tydir

On March 30, 2026, the World Data Organization (WDO) was officially launched in Beijing. The WDO describes itself as a non-governmental, non-profit organization headquartered in Beijing, with a stated mission of “bridging the data divide, unlocking data’s value, and powering the digital economy.” The WDO is a China-headquartered effort to address a governance gap: while […]

Britain’s Financial Regulators Raise the Bar on Cyber Reporting and Resilience

April 20, 2026 By Kelly Hagedorn and Kristen Bartolotta

Cyber risk has shifted from a technical issue to a systemic one and Britain’s financial regulators are making that reality unmistakably clear. On March 18, 2026, the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and Bank of England announced a new, unified cyber and operational resilience framework that strengthens the requirements on how firms […]