The increasing prevalence of cyberstalking, harmful deepfakes and online harassment is creating profound risks for individuals and organizations. So much so that Congress has implemented a federal statute designed to shift liability toward online platforms and provide victims with enforceable removal rights.
APAC is awash with recent changes in AI, privacy and cybersecurity regulations. Part one of this article examines the specifics of those changes and the paradigm shift they are precipitating.
On Oct. 9, 2025, the Colorado attorney general’s (AG) office announced final revisions to the proposed draft amendments to the Colorado Privacy Act (CPA) rules. This article provides background on the rulemaking and provide an overview of the revisions.
The continued, rapid advancement of artificial intelligence technologies comes with increasing risks for businesses, demanding that they navigate such issues more carefully than ever. Considering recent privacy class action trends detailed in this article, companies that utilize AI in their business operations should immediately review and modify their compliance programs as necessary to mitigate legal risk and liability exposure.
As AI becomes more embedded in everyday life and business operations, companies are facing a growing regulatory maze at the intersection of state privacy laws and emerging AI standards. This article explores the privacy laws that impact the use of AI and automated decision making and offers a practical guide for business leaders that aligns AI innovation with privacy expectations.
Large amounts of data including personally identifiable information can be compromised in the event that debtors file for bankruptcy, and sell the information to pay back creditors.
Five new state privacy laws took effect in January 2025 — Delaware (DPDPA), Iowa (ICDPA), Nebraska (NDPA), New Hampshire (NHPA), and New Jersey (NJDPA) — adding to the compliance maze for businesses operating across state lines. This latest wave of legislation creates a patchwork of requirements that include critical variations in three key areas: applicability thresholds, covered data categories and enforcement protocols.
In a show of continuity between administrations, the Biden-era Executive Order 14117 — designed to restrict foreign access to Americans’ most sensitive personal data — has been allowed to take effect in the second Trump administration.The Department of Justice’s implementing regulation for this Order, finalized in late December 2024, became enforceable in April 2025.
The New Jersey Data Privacy Act (NJDPA), went into effect this past Jan. 15. The NJDPA represents New Jersey’s entry into the burgeoning field of data privacy laws, as it joins 18 other states that have passed such laws.
While the amount of AI legislation introduced in various states is relatively limited, the scope of issues being legislated is quite broad. Despite the many uncertainties that remain to be clarified, there are actually many parallels between how data privacy laws took shape five years ago, and how AI legislation is developing today.
