The first updates to the COPPA Rule since 2013 impose new obligations for sharing children’s personal information with third parties.
On April 22, 2025, the Federal Trade Commission (FTC or Commission) published the final...more
5/15/2025
/ Amended Regulation ,
Biometric Information ,
Compliance Dates ,
COPPA ,
Data Privacy ,
Data Security ,
Data-Sharing ,
Federal Trade Commission (FTC) ,
Online Safety for Children ,
Parental Consent ,
Personal Information
Companies with B2C or B2B recurring payment programs that include negative option terms now have until July 14, 2025, to ensure their disclosure, consent, and cancellation practices are compliant with the Negative Option...more
Companies with B2C or B2B recurring payment programs that include negative option terms should review their disclosure, consent, and cancellation practices to ensure compliance with the rule....more
5/9/2025
/ Auto-Renewal ,
Automatic Renewals ,
B2B Transactions ,
Compliance ,
Consumer Protection Laws ,
Disclosure Requirements ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Final Rules ,
FTC Act ,
Negative Option Rule ,
Regulatory Requirements ,
Subscription Services ,
Unfair or Deceptive Trade Practices
New DOJ guidance helps companies understand their obligations under the DSP, which could severely impact investment agreements and ordinary commercial data transactions.
On April 11, 2025, the US Department of Justice...more
The order prioritizes extensive policy reviews, the introduction of a National Resilience Strategy and National Risk Register, and increased reliance on state and local governments to strengthen national infrastructure....more
The new unit aims to protect retail investors and foster innovation by addressing cyber-related misconduct and emerging technology fraud....more
2/24/2025
/ Artificial Intelligence ,
Blockchain ,
Cryptoassets ,
Cybersecurity ,
Digital Assets ,
FinTech ,
Fraud ,
Investors ,
Machine Learning ,
Retail Investors ,
Securities and Exchange Commission (SEC)
The EU AI Act came into effect on 1 August 2024, and the first obligations under the Act will become applicable from 2 February 2025. Providers and deployers of AI systems must ensure that their employees and contractors...more
The Draft Code sets out various obligations relating to transparency, copyright compliance, and management of systemic risks for providers of GPAI models....more
Now that the EU AI Act has come into force, companies deploying high-risk artificial intelligence (AI) systems in the European Union (EU) must prepare to navigate a complex landscape of new obligations by 2 August 2027. This...more
The EU AI Office has just published a consultation on the topics that should be covered by the first general-purpose AI (GPAI) Code of Practice and a call for interest to participate in drafting the Code....more
Artificial intelligence (AI) has become an indispensable tool, but with the rapid advancement in the technology has come a rise in electricity demand, drawing regulatory attention on the natural resources that AI requires....more
7/22/2024
/ Artificial Intelligence ,
Biden Administration ,
Climate Change ,
Electricity ,
Environmental Policies ,
Environmental Social & Governance (ESG) ,
Executive Orders ,
Infrastructure ,
NIST ,
Proposed Legislation ,
Regulatory Oversight ,
Risk Management
Today marks a significant milestone in the regulation of artificial intelligence (AI) as the European Union (EU) AI Act is published in the EU Official Journal. This landmark legislation establishes the world’s first...more
After three years of legislative debate, the Council of the European Union cast its final vote on the European Union (EU) Artificial Intelligence (AI) Act on 21 May 2024. Once published in the EU Official Journal in June, the...more
Businesses need to be proactive in updating their compliance measures to meet the ever-evolving set of privacy laws and regulatory expectations in 2024 and beyond.
Following the notable uptick in state-level privacy laws...more
5/21/2024
/ Compliance ,
Consumer Privacy Rights ,
Data Brokers ,
New Legislation ,
Personal Data ,
PHI ,
Privacy Laws ,
Proposed Legislation ,
Regulatory Requirements ,
Sensitive Personal Information ,
State Privacy Laws
Companies should consider how new AI risk standards may align to their operations and whether to comment on the draft standards to shape their development.
On April 29, 2024, the White House announced that several federal...more
5/14/2024
/ Artificial Intelligence ,
Biden Administration ,
Centers for Medicare & Medicaid Services (CMS) ,
Department of Health and Human Services (HHS) ,
Department of Homeland Security (DHS) ,
Executive Orders ,
Health Care Providers ,
Innovative Technology ,
Machine Learning ,
NIST ,
Proposed Regulation ,
Proposed Standards ,
Technology Sector ,
USPTO
Questions around the governance of artificial intelligence (AI) have come to the fore via recent, prominent US shareholder proposals and first-of-their kind enforcement actions, which we describe in depth here. It is in this...more
A new proposed rule would prohibit impersonating individuals or knowingly providing tools for unlawful impersonation — dramatically expanding the FTC’s AI enforcement capabilities.
On February 15, 2024, the Federal Trade...more
The agency offers a practical test with examples for determining patentability of AI-assisted inventions that is grounded in feedback from stakeholders.
In its continuing effort to respond to President Biden’s AI-related...more
On December 20, 2023, the Federal Trade Commission (FTC or Commission) issued a Notice of Proposed Rulemaking (Notice) recommending amendments to the Children’s Online Privacy Protection Rule (COPPA Rule or Rule).
The FTC...more
1/11/2024
/ COPPA ,
Data Protection ,
Data Retention ,
Data Security ,
Federal Trade Commission (FTC) ,
NPRM ,
Online Platforms ,
Online Safety for Children ,
Parental Consent ,
Personally Identifiable Information ,
Proposed Rules ,
Websites
The agency’s latest report and recent statements indicate its potential enforcement and regulatory priorities regarding artificial intelligence.
On December 18, 2023, the Federal Trade Commission (FTC) released a report...more
1/3/2024
/ Artificial Intelligence ,
Biden Administration ,
Competition ,
Consumer Protection Laws ,
Copyright ,
Enforcement Authority ,
Executive Orders ,
Federal Trade Commission (FTC) ,
Information Reports ,
Innovative Technology ,
Machine Learning ,
Popular ,
Unfair Competition
The Order marks an ambitious effort to stand up a whole-of-government approach to encouraging the benefits and managing the risks of artificial intelligence, with many of its most significant private-sector implications...more
11/6/2023
/ Artificial Intelligence ,
Biden Administration ,
Consumer Financial Protection Bureau (CFPB) ,
Covered Entities ,
Defense Production Act ,
Department of Health and Human Services (HHS) ,
Department of Labor (DOL) ,
Department of Transportation (DOT) ,
Enforcement ,
Executive Orders ,
Federal Trade Commission (FTC) ,
HUD ,
National Security ,
NIST ,
Private Sector ,
Public Agencies ,
Public Sector ,
Regulatory Agenda ,
Regulatory Oversight ,
Risk Management ,
U.S. Commerce Department
The California Attorney General’s investigative sweep is a potential harbinger of increased focus on employers’ data privacy compliance with respect to employee data.
On July 14, 2023, the California Attorney General...more
7/20/2023
/ Artificial Intelligence ,
Automation Systems ,
B2B Organizations ,
Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Data Collection ,
Data Privacy ,
Employee Monitoring ,
Employee Privacy Rights ,
Employees ,
Enforcement Priorities ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Job Applicants ,
Notice Requirements ,
State Attorneys General
A California court has held that the regulations the California Privacy Protection Agency adopted in March 2023 may not be enforced until March 2024.
On June 30, 2023, a day before the California Consumer Privacy Act...more
Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches.
...more
The stringent law introduces several novel obligations and a unique approach to determining applicability that may broaden its reach.
On June 18, 2023, Texas enacted the Texas Data Privacy & Security Act (TDPSA), which...more
6/21/2023
/ Consumer Privacy Rights ,
Cross-Border Transactions ,
Data Privacy ,
Goods or Services ,
NAICS ,
New Legislation ,
Personal Data ,
SBA ,
Sensitive Personal Information ,
Small Business ,
State Privacy Laws