New York is joining California in regulating the most advanced forms of artificial intelligence – frontier models – and creating a state-led US AI regulatory approach in the absence of federal legislation....more
4/2/2026
/ Artificial Intelligence ,
California ,
Disclosure Requirements ,
Emerging Technologies ,
Incident Response Plans ,
New Legislation ,
New Regulations ,
New York ,
Penalties ,
Regulatory Oversight ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
State and Local Government ,
Transparency
On March 23, 2026, the FCC’s Public Safety and Homeland Security Bureau took the sweeping step of adding all “routers produced in a foreign country” to the FCC’s Covered List....more
3/27/2026
/ Critical Infrastructure Sectors ,
Cybersecurity ,
Department of Homeland Security (DHS) ,
FCC ,
Final Rules ,
Foreign Adversaries ,
Government Agencies ,
Imports ,
Infrastructure ,
National Security ,
New Regulations ,
Regulatory Requirements ,
Risk Management ,
Supply Chain ,
Telecommunications
The California attorney general recently announced one of the agency’s largest-ever settlement agreements for alleged noncompliance with the California Consumer Privacy Act (CCPA) and alleged deception of consumers about data...more
3/26/2026
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Enforcement Actions ,
Online Platforms ,
Opt-Outs ,
Penalties ,
Settlement ,
State Attorneys General ,
State Privacy Laws ,
Targeted Digital Advertising ,
Unfair or Deceptive Trade Practices
On March 20, 2026, the White House released its National Policy Framework for Artificial Intelligence ("the Framework") outlining the administration’s recommended federal approach to AI regulation....more
3/26/2026
/ Artificial Intelligence ,
Copyright ,
Data Centers ,
Emerging Technologies ,
Executive Orders ,
Fair Use ,
First Amendment ,
Infrastructure ,
Innovation ,
Intellectual Property Protection ,
National Security ,
New Legislation ,
Online Safety for Children ,
Popular ,
Preemption ,
Proposed Legislation ,
Regulatory Oversight ,
Regulatory Reform ,
Regulatory Requirements ,
State and Local Government
In a significant development for the venture capital community, the California Department of Financial Protection and Innovation (DFPI) announced on March 17, 2026, that it is suspending implementation and enforcement of the...more
3/19/2026
/ California ,
Data Collection ,
Department of Financial Protection and Innovation (DFPI) ,
Diversity and Inclusion Standards (D&I) ,
Government Agencies ,
New Legislation ,
New Regulations ,
Private Investment Funds ,
Proposed Rules ,
Registration Requirement ,
Regulatory Reform ,
Regulatory Requirements ,
Reporting Requirements ,
Rulemaking Process ,
State and Local Government ,
Venture Capital
California’s Fair Investment Practices by Venture Capital Companies Law (FIPVCC), commonly referred to as Senate Bill 54, as amended by SB 164, requires certain venture capital companies (including venture capital funds) with...more
3/9/2026
/ California ,
Covered Entities ,
Data Collection ,
Department of Financial Protection and Innovation (DFPI) ,
Diversity and Inclusion Standards (D&I) ,
Filing Deadlines ,
Investment Funds ,
New Guidance ,
New Legislation ,
New Regulations ,
Registration Requirement ,
Regulatory Requirements ,
Reporting Requirements ,
Venture Capital
On February 25, 2026, the Federal Trade Commission (FTC) issued a policy statement announcing it will exercise discretion with respect to enforcement of the Children’s Online Privacy Protection Act (COPPA) to enable broader...more
3/3/2026
/ Biometric Information ,
Compliance Monitoring ,
Consumer Privacy Rights ,
COPPA ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Innovative Technology ,
New Guidance ,
Online Safety for Children ,
Parental Consent ,
Personal Data ,
Personal Information ,
Regulatory Reform
California’s Fair Investment Practices by Venture Capital Companies Law (FIPVCC), commonly referred to as SB 54, as amended by SB 164, requires certain venture capital companies (including venture capital funds) with a...more
1/29/2026
/ California ,
Covered Entities ,
Data Collection ,
Department of Financial Protection and Innovation (DFPI) ,
Diversity and Inclusion Standards (D&I) ,
Filing Deadlines ,
New Guidance ,
New Legislation ,
New Regulations ,
Private Funds ,
Registration Requirement ,
Regulatory Requirements ,
Reporting Requirements ,
State and Local Government ,
Venture Capital
South Korea’s Act on the Development of Artificial Intelligence and Establishment of Trust (AI Basic Act) took effect on January 22, 2026, joining the European Union AI Act as a comprehensive AI regulatory regime....more
1/28/2026
/ AI Act ,
Artificial Intelligence ,
Compliance Monitoring ,
Corporate Counsel ,
Emerging Technologies ,
Enforcement Actions ,
Extraterritoriality Rules ,
High Risk Sectors ,
Impact Assessments ,
New Legislation ,
Regulatory Oversight ,
Regulatory Requirements ,
Reporting Requirements ,
Risk Management ,
South Korea ,
Transparency
The US Department of Justice’s Data Security Program (DSP) has entered a critical phase. As of October 6, 2025, US persons and entities engaged in certain covered data transactions must be fully compliant with the DSP’s due...more
The Federal Reserve (Fed) has devoted its entire Second Issue 2025 of Consumer Compliance Outlook (Outlook) to fraud – a rare, single-topic focus that underscores regulators’ and industry’s heightened concern for addressing...more
On August 22, 2025, the Consumer Financial Protection Bureau (CFPB) published an advance notice of proposed rulemaking (ANPR) seeking public comment on four substantive aspects of its Section 1033 rulemaking under the...more
As the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) scale back rulemaking and enforcement, states are advancing more prescriptive cybersecurity standards for financial institutions, including...more
7/31/2025
/ Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
New Legislation ,
NYDFS ,
Popular ,
Reporting Requirements ,
State Legislatures
Next month ushers in two new US state comprehensive consumer privacy laws in Tennessee and Minnesota, which become effective on July 1 and July 31, respectively. While these laws track the current plethora of US state...more
This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more
On March 24, 2025, Virginia Gov. Glenn Youngkin signed into law SB 754, amending the state’s Consumer Protection Act to prohibit businesses from “[o]btaining, disclosing, selling, or disseminating any personally identifiable...more
A new US Department of Justice (DOJ) rule on “Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern (including China) or Covered Persons” (rule) prohibits and restricts certain...more
On January 10, 2025, the Consumer Financial Protection Bureau (CFPB) initiated rulemaking processes to examine and create a framework regarding data privacy and consumer protections in the digital payments industry. In a...more
1/17/2025
/ Consumer Financial Protection Bureau (CFPB) ,
Consumer Privacy Rights ,
Cryptocurrency ,
Data Privacy ,
Data Security ,
Digital Assets ,
Electronic Fund Transfer Act ,
Financial Services Industry ,
FinTech ,
Payment Systems ,
Popular ,
Regulation E
On December 3, 2024, the Consumer Financial Protection Bureau (CFPB) issued a notice of proposed rulemaking (NPR) – Protecting Americans from Harmful Data Broker Practices. The CFPB’s proposal would amend Regulation V, which...more
As we previously reported, in October 2023, California enacted SB 54, a law requiring venture capital (VC) firms with a nexus to California to report data regarding the diversity of the founding members of the portfolio...more
The Consumer Financial Protection Bureau (CFPB) published a report on November 12, 2024, examining state and federal privacy protections for consumer financial data....more
On October 24, 2024, the Consumer Financial Protection Bureau (CFPB) issued a consumer financial protection circular explaining that background reports, including scores, obtained from third parties and “used by employers to...more
On October 22, 2024, the Consumer Financial Protection Bureau (CFPB) released its long-awaited final rule implementing Section 1033 of the Consumer Financial Protection Act (CFPA) concerning personal financial data rights....more
On September 30, 2024, the Federal Housing Administration (FHA) published a draft Mortgagee Letter (ML) with updated cyber incident reporting requirements and a call for interested stakeholders to provide feedback to the...more
On July 18, 2024, US District Judge Paul Engelmayer of the Southern District of New York issued a detailed 107-page opinion and order dismissing most of the US Securities and Exchange Commission (SEC) case against SolarWinds...more