Unique Insights on Privacy and Data Protection Worldwide
On November 19, 2025, the EU Commission (Commission) published a set of legislative proposals to introduce more flexibility into a number of EU digital regulations, including:
On November 6, 2025, the California, Connecticut, and New York Attorneys General (collectively, the “Attorneys General”) announced a settlement with Illuminate Education, Inc. to resolve allegations that the company violated state privacy laws following a student data breach. The settlement marks the first enforcement actions under the California K-12 Pupil Online Personal Information Protection Act (KOPIPA, formerly known as SOPIPA) and Connecticut’s Student Data Privacy Law, and also constitutes the second major enforcement action under New York Education Law § 2-d.Continue Reading EdTech Provider Agrees to $5.1 Million Settlement with Three State Attorneys General over Student Data Breach
The federal government has been shut down for over a month. We previously reported on implications for the Federal Trade Commission’s (FTC) antitrust work here. What does the shutdown mean for the FTC’s consumer protection, privacy, safety, and AI work?Continue Reading What’s Happening at the FTC During the Government Shutdown?
On October 13, 2025, California concluded a busy legislative term by enacting a slew of key privacy and AI-related bills, aimed at enhancing consumer protection and regulating emerging AI technology applications. These measures address a range of critical issues, including consumer opt-out signals, data broker transparency requirements, age assurance, minors’ safety, companion chatbots, and AI development. We summarize some of the most significant of these privacy and AI bills that were signed into law by California Governor Gavin Newsom, below.Continue Reading California Enacts Nearly a Dozen Key Privacy and AI Bills into Law
On October 9, 2025, the European Commission (EC) and the European Data Protection Board (EDPB) published Draft Guidance on the interplay between the Digital Markets Act (DMA) and the General Data Protection Regulation (GDPR, and the Draft Guidance).Continue Reading Connecting Competition and Privacy: EU Regulators Release Draft Guidance on DMA and GDPR Interplay
Introduction
Artificial intelligence (AI) is increasingly being used in mental healthcare for functions such as clinical decision support, notetaking and transcription, symptom screening and triage, administrative and operational improvements, augmenting the provider-patient relationship, post-visit remote monitoring, and companionship.Continue Reading Legal Framework for AI in Mental Healthcare
