Privacy & Data Protection
GDPR, CCPA, state privacy laws, data breach litigation, and data governance
AI Use Threatens Privilege and HIPAA in Legal, Healthcare Sectors
Court rulings and expert warnings reveal that using AI tools may waive attorney-client privilege and breach HIPAA, pushing legal and healthcare professionals to overhaul compliance policies.
States Crack Down on Mishandled Data Opt-Outs, Signal Enforcement Shift
U.S. states step up enforcement of consumer opt-out rights under new privacy laws, targeting businesses that hinder or ignore data sale and targeted ad opt-outs.
Cushman & Wakefield Hit by Breach; Client Data Targeted in Twin Cyber Claims
Cushman & Wakefield confirms client data breach after cybercriminals claim access to Salesforce records. Legal teams face immediate risks under global data privacy laws.
Spanish Supreme Court Expands GDPR Compliance to Data Request Stage
A Spanish Supreme Court ruling holds GDPR applies from the moment data is requested, not just received, impacting U.S. firms handling cross-border EU data.
EFF Urges Stronger Digital Rights Protections in EU Fairness Act
The EFF published recommendations to shape the EU's Digital Fairness Act, urging stronger digital rights protections as new regulations with global impact take form.
OCR Fines Health Plan $245K Over HIPAA Lapses After Ransomware Breach
OCR fined a self-funded group health plan $245,000 for HIPAA failures after a ransomware breach, signaling stricter enforcement. Legal leaders face new risk analysis scrutiny.
Texas Supreme Court Tightens Public Info Act Deadlines for Confidential Data
The Texas Supreme Court clarifies strict deadlines under the Public Information Act, raising stakes for legal and privacy teams defending confidential information at TCEQ.
Colorado, Michigan Advance Child and Consumer Data Privacy Laws
In May 2026, Colorado and Michigan moved forward with key children’s privacy laws, increasing compliance stakes for tech companies and legal teams.
Maryland Bans AI-Driven Pricing in Groceries, Setting US Precedent
Maryland is first in the US to ban AI-powered dynamic pricing in grocery retail and delivery, marking a major step for legal compliance and AI governance.
Amazon’s Woot Faces Lawsuit Over Facebook Tracking Technology
Woot, an Amazon subsidiary, is sued for allegedly using hidden pixel tracking to link shopper data to Meta, raising compliance and litigation risks for e-commerce legal teams.
Tempus AI Faces Consolidated Lawsuits Over Genetic Data Sharing
Tempus AI is facing consolidated class-action lawsuits over alleged mishandling of Ambry Genetics' data, spotlighting privacy and compliance risks in healthcare AI mergers.
California Targets Employer Data Rules in Major CCPA Overhaul
California launches new rulemaking under the CCPA aimed at employee data protection, raising the stakes for employer privacy compliance strategies statewide.
Georgia Court Sets Higher Bar for Standing in Data Breach Cases
A federal judge in Georgia dismissed a class action over the Bitcoin Depot breach, ruling that speculative risk of identity theft is not enough for standing.
Supreme Court: Nonprofit Can Sue over Subpoena for Donor Info
The Supreme Court grants standing to First Choice Women’s Resource Centers to challenge a New Jersey subpoena seeking donor identities, clarifying donor privacy rights.
Congress Unveils SECURE and GUARD Privacy Bills, Eyes National Data Standard
House Republicans introduce SECURE and GUARD privacy bills, aiming for a uniform federal standard—impacting compliance strategies for companies nationwide.
Second Circuit nixes NBCUniversal VPPA pixel lawsuit
The Second Circuit affirmed the dismissal of a VPPA tracking pixel class action against NBCUniversal, joining prior rulings that limit media companies' privacy litigation exposure.
Virginia Bans Sale of Precise Geolocation Data Under New Privacy Law
Virginia becomes the third state to ban the sale of precise geolocation data with SB338, expanding the VCDPA. The move impacts compliance for businesses and privacy counsel.
Federal judge backs Pennsylvania voter roll internet sharing ban
A federal court upheld Pennsylvania’s ban on publishing voter registration rolls online, reinforcing state privacy protections but limiting nonprofit online access.
Supreme Court Scrutinizes Geofence Warrants and Digital Privacy
The U.S. Supreme Court examines the constitutionality of geofence warrants, weighing privacy rights against law enforcement needs in a pivotal digital privacy case.
Maine Governor Vetoes Bill on Automatic Criminal Record Sealing
Governor Janet Mills vetoed L.D. 1911, halting Maine’s proposed automatic sealing of some criminal records and underscoring policy and legal concerns that matter for reform advocates.