Inside Privacy

Website: https://www.insideprivacy.com/
Follow:

Inside Privacy Blogs

Inside Privacy

Blog Authors

ABCDEFGHIJKLMNOPQRSTUVWXYZ
Wade Ackerman
Christopher Adams
Bolatito Adetula
Jasmine Agyekum
Christian Ahlborn
Samar Amidi
Fredericka Argent

Latest from Inside Privacy

The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provides liability protections and other safeguards for sharing certain cybersecurity information with the U.S. federal government and private entities, was reauthorized as part of the funding bill enacted on February 3, 2026. CISA 2015’s information‑sharing provisions, which had been scheduled to sunset on January 30

The Federal Trade Commission (FTC) is poised to re-start a rulemaking process regarding disclosures and requirements for subscription and auto-renewing products and services.  On January 30, 2026, the FTC submitted a draft Advance Notice of Proposed Rulemaking (ANPRM) on the Rule Concerning the Use of Prenotification Negative Option Plans (the Rule), commonly known as the

AI agents have arrived. Although the technology is not new, agents are rapidly becoming more sophisticated—capable of operating with greater autonomy, executing multi-step tasks, and interacting with other agents in ways that were largely theoretical just a few years ago. Organizations are already deploying agentic AI across software development, workflow automation, customer service, and e-commerce,

On his last day in office, January 20, 2026, former New Jersey Governor Phil Murphy signed an amendment to the New Jersey Data Privacy Act, A5017. The bill amends the state’s comprehensive privacy law to add new data- and entity-level exemptions and to expand the definition of de-identified data. The amendment took effect immediately.

Following a trend from the past few years, several states have introduced bills related to genetic privacy in recent months. These bills have focused on a range of issues, including the privacy practices of direct-to-consumer (“DTC”) genetic testing companies, the national security implications of “foreign adversaries” accessing genetic information, and other topics related to genetic

As 2026 gets underway, the European Union enters a pivotal year for data protection, AI governance, and cybersecurity regulation, among other matters. EU institutions and national authorities are expected to progress a number of significant digital‑policy files, roll‑out new cyber‑resilience obligations, and make transparency in the privacy space a top priority. Below is an overview

On 20 January 2026, the European Commission published a proposal to amend the Directive (EU) 2022/2555 (NIS2) as part of a broader package to streamline the EU’s cybersecurity framework. The Commission also issued a proposal to revise the EU Cybersecurity Act (CSA2), which we cover in a separate blog post.

The proposed amendments build

On 20 January 2026, the European Commission published a proposal for a Regulation to update and replace the Cybersecurity Act (Regulation 2019/881). The proposal—known as the Cybersecurity Act 2 (CSA2)—forms part of a wider package aimed at modernizing and streamlining the EU’s cybersecurity framework and is closely linked to the Commission’s parallel proposal to amend

On January 8, 2026, the California Privacy Protection Agency (“CalPrivacy”) announced an enforcement action against Rickenbacher Data LLC (d/b/a “Datamasters”), an information reseller, for failing to register as a data broker under the California Delete Act.  Datamasters agreed to pay a $45,000 administrative fine, among other remedial measures.  In November, CalPrivacy launched a Data Broker