Companies of all types are deploying chatbots using generative artificial intelligence (GenAI). While these tools offer significant potential benefits, they also present legal and regulatory risks that must be managed. GenAI...more
11/25/2025
/ Artificial Intelligence ,
Bots ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
COPPA ,
Data Privacy ,
Disclosure Requirements ,
Enforcement Actions ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws ,
Wiretap Act ,
Wiretapping
The regulatory environment has transformed cybersecurity failure into a core legal, financial, and compliance risk. Today, organizations must navigate a complex maze of conflicting deadlines across state and federal...more
11/21/2025
/ California Consumer Privacy Act (CCPA) ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Breach ,
DFARS ,
False Claims Act (FCA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Incident Response Plans ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
Cybersecurity risks are evolving, in part because bad actors – including scammers and fraudsters – are leveraging widely available artificial intelligence (AI) tools for nefarious purposes. In the escalating fraud landscape,...more
11/13/2025
/ Artificial Intelligence ,
Best Practices ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
Data Security ,
Financial Crimes ,
FinCEN ,
Fraud ,
Identity Theft ,
Information Sharing ,
Know Your Customers ,
Phishing Scams ,
Ransomware ,
Risk Management ,
Risk Mitigation
The New York State Department of Financial Services (DFS) recently announced a $19 million aggregate penalty against eight auto insurance companies for violations of its cybersecurity regulation. As a result of inadequate...more
10/21/2025
/ Compliance ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Financial Services ,
Enforcement Actions ,
Insurance Industry ,
NYDFS ,
Penalties ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management
New state laws aimed at age verification and parental consent for online apps will take effect in 2026, imposing significant compliance obligations and raising enforcement risks for app developers as well as app stores....more
10/16/2025
/ App Developers ,
COPPA ,
Enforcement Actions ,
Minors ,
Mobile Apps ,
New Legislation ,
Online Safety for Children ,
Parental Consent ,
Privacy Laws ,
Private Right of Action ,
Regulatory Requirements ,
Software Developers ,
State Attorneys General ,
State Legislatures ,
State Privacy Laws ,
Telecommunications
Following several years of intensive rulemaking, the California Privacy Protection Agency (CPPA) has finalized new regulations under the California Consumer Privacy Act (CCPA) that govern three critical areas: (1) mandatory...more
10/9/2025
/ Artificial Intelligence ,
Audits ,
Automated Decision Systems (ADS) ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
New Regulations ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management
In response to 2024 legislative amendments to the Colorado Privacy Act (CPA), Colorado’s Department of Law (CO DOL) has issued a Notice of Proposed Rulemaking, proposing draft amendments to the CPA rules (Proposed Rules)...more
8/18/2025
/ Colorado ,
Comment Period ,
Consent ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Minors ,
Notice of Proposed Rulemaking (NOPR) ,
Online Safety for Children ,
Personal Data ,
Proposed Rules ,
Rulemaking Process ,
State Privacy Laws
President Trump issued a cybersecurity Executive Order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity” (Trump EO), along with a corresponding Fact Sheet on June 6, 2025. The Trump EO clears some of the...more
6/16/2025
/ Artificial Intelligence ,
Biden Administration ,
China ,
Cloud Computing ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Executive Orders ,
Federal Contractors ,
FedRAMP ,
Government Agencies ,
Internet of Things ,
National Security ,
National Security Agency (NSA) ,
NIST ,
OMB ,
Popular ,
Regulatory Reform ,
Software ,
Supply Chain ,
Trump Administration
State enforcement agencies are keeping the pressure on businesses, with two new enforcement actions announced this week in California and Texas. This activity signals to companies – both within and outside of the United...more
This week in our March Privacy Forecast, we discuss privacy and data security enforcement trends at the state and federal levels. Particularly as state privacy laws continue to expand and evolve, companies should understand...more
This week in our March Privacy Forecast, we discuss a growing trend at both the federal and the state level – new laws and regulations that specifically target data brokers.
At the federal level, two new legal frameworks...more
With 13 comprehensive state privacy laws already in effect, the state privacy law landscape is complex. While there are several common threads throughout many of these frameworks that can allow companies to implement a...more
Welcome to our new series, the March Privacy Forecast. In this weekly series, during the month of March, we will delve into the evolving landscape of data privacy, explore new laws, proposed legislation and enforcement...more
3/10/2025
/ Consent ,
COPPA ,
Data Privacy ,
Data Protection ,
Federal Trade Commission (FTC) ,
New Legislation ,
Online Safety for Children ,
Personal Data ,
Privacy Laws ,
Sensitive Personal Information ,
State Privacy Laws
As we enter the New Year, Wiley is looking ahead to the top privacy developments and trends to watch in 2025. On the state side, 2025 kicked off with several new privacy laws going into effect in January, and states continue...more
1/9/2025
/ Biometric Information ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Personal Data ,
Privacy Laws ,
State Attorneys General ,
State Privacy Laws
On October 16, 2024, the Federal Trade Commission (FTC or Commission) announced its adoption of a final “click-to-cancel” Rule that regulates both sign-up and cancellation processes for subscriptions or other recurring...more
The Texas Attorney General’s (AG) office announced its first enforcement action under a new children’s and teens’ state privacy law that went into effect a mere month ago. Texas’ Securing Children Online Through Parental...more
10/8/2024
/ Chat Rooms ,
Corporate Counsel ,
Data Sellers ,
Data-Sharing ,
Digital Service Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Message Boards ,
Minors ,
Online Safety for Children ,
Personal Information ,
Social Media ,
State Attorneys General ,
State Privacy Laws ,
Texas ,
TikTok