May 2026

On 7 May 2026, negotiators from the Council of the European Union, the European Parliament, and the European Commission reached a provisional agreement on the terms of the Digital Omnibus on AI, marking the first set of amendments to the EU AI Act since its adoption in June 2024. The final package of amendments reflects

As we previously covered, the Tenth Circuit in Cline v. Sunoco, Inc. (R&M), 159 F.4th 11711 (10th Cir. 2025) adopted the majority view that “administrative feasibility” for identifying class members is not an independent requirement for certifying a class under Rule 23.  Instead, the Tenth Circuit held that ascertainability only requires the party moving

On May 7, 2026, the Department of Defense (“DoD”) issued a proposed rule that would fundamentally expand the scope of foreign ownership, control, or influence (“FOCI”) disclosure and risk mitigation requirements for a significant number of companies that serve the national defense. The proposed rule, together with DoD Instruction (“DoDI”) 5205.87 (issued in 2024), would

On May 1, the Connecticut legislature passed an artificial intelligence (“AI”) safety, transparency, and consumer protection bill (“SB 5”). While the Colorado legislature takes steps to streamline existing requirements for developers and deployers of AI systems, Connecticut has passed a multi-part framework that will impose requirements on large frontier developers, operators of AI companions, developers

Over one year ago, on May 2, 2025, the FAR Council took the first concrete step in the administration’s “Revolutionary FAR Overhaul” (“RFO”) initiative by issuing the initial round of rolling model deviation guidance—a deliberate move to translate reform of the Federal Acquisition Regulation (“FAR”) from an abstract policy goal into acquisition text.  That moment

The European Commission (“Commission”) has launched a four-week feedback period — open until June 3, 2026 — on a draft delegated act to revise the European Sustainability Reporting Standards (“ESRS 2.0”).  Ultimately, EU companies in scope of the EU’s Corporate Sustainability Reporting Directive (“CSRD”) will have to draft their annual sustainability statements in accordance with

On April 17, 2026, the Italian data protection authority (the “Garante”) published Provision No. 284 setting out guidelines on the use of “tracking pixels” in emails (the “Guidelines”). This publication closely follows the recommendation issued by the French data protection authority on the same topic, which is discussed in a separate blog post available here

On 30 April, the UAE adopted Cabinet Decision No. (59) of 2026 (“the 2026 Executive Regulations”), setting out the executive regulations for Federal Decree-Law No. (36) of 2023 on the Regulation of Competition. The 2026 Executive Regulations replace the previous implementing regulations adopted in 2014 under the former UAE competition law. They are expected to

The European Commission has set a clear timeline for rolling out age verification across the EU:

  • by June 30, 2026, Member States are encouraged to submit implementation plans; and
  • by December 31, 2026, at least one EU‑compliant age verification solution should be available in each Member State.

This timeline, set out in the Commission’s (non-binding)