Inside Privacy

Updates on developments in data privacy and cybersecurity

Subscribe via RSS
Visit Blog

Blog Authors

ABCDEFGHIJKLMNOPQRSTUVWXYZ
Wade Ackerman
Christopher Adams
Bolatito Adetula
Christian Ahlborn
Gustavo Akkerman
Samar Amidi
Fredericka Argent

Latest from Inside Privacy

A federal court recently addressed whether plaintiffs alleging misleading commercial email practices in violation of Washington’s Commercial Electronic Mail Act (“CEMA”) have Article III standing to pursue claims. The ruling suggests that alleged violations of CEMA, standing alone, could constitute a concrete injury for Article III standing, where the asserted harm aligns with the statute’s

On May 28, 2026, the European Union Agency for Cybersecurity (“ENISA”) published the third edition of its NIS360 report, an annual benchmarking tool that assesses the cybersecurity maturity of entities in the sectors set out in Annex I of the NIS2 Directive (which includes certain entities in the energy, transport, healthcare, digital infrastructure, and

On 20 May 2026, Brazil adopted Presidential Decree No. 12,976, establishing a comprehensive framework to address violence against women online. Adopted alongside a parallel decree (No. 12,975) reforming intermediary liability, it reflects a more assertive approach to regulating online harms, including those driven or amplified by AI. Together, these measures will require

On June 2, 2026, the White House issued an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security” (the “Order”).  The Order reflects the Administration’s stated policy of advancing U.S. leadership in artificial intelligence (“AI”) while addressing national security risks associated with increasingly capable AI systems.  To accomplish these policy goals, the

Last month, the Illinois Department of Human Rights (“IDHR”) released draft regulations addressing employers’ use of AI in employment decisions and invited public comment. The IDHR will hold a hearing on the draft regulations on June 10, and the public comment period will close on June 29.

Background

HB 3773 (the “Amendment”), which amended

On May 27, 2026, the Connecticut governor signed SB 4, an omnibus privacy law, which among other things, amends the Connecticut Data Privacy Act (“CTDPA”), establishes a data broker registry and accessible deletion mechanism, imposes restrictions on the use of price setting devices and surveillance pricing, and creates requirements for direct-to-consumer genetic testing companies.

Earlier this month, the Cybersecurity & Infrastructure Security Agency (CISA), in collaboration with the National Security Agency and other international partners, released guidance for organizations on adopting agentic artificial intelligence systems (i.e., systems composed of one or more agents that fundamentally rely on an AI model, such as an LLM, to interpret and reason about

On May 11, 2026, the Department of Justice, acting on notification from the Federal Trade Commission, and the Illinois Attorney General, filed a complaint against “Premium Home Service” and its owner for alleged violations of Section 5 of the FTC Act, the Consumer Reviews Rule, and the Gramm-Leach-Bliley Act (GLB Act).  The Complaint seeks injunctive