Privacy Day 2026: Why trust is the new competitive advantage
Every year, Privacy Day gives organizations a moment to pause and reflect on how rapidly the data landscape is shifting, but 2026 feels different. The conversation has moved beyond compliance checklists and breach headlines. Privacy is moving beyond legal, shaping customer expectations, regulatory strategy, and even the pace of innovation. Today, even business teams are
What to Watch in 2026: Key EU Privacy & Cybersecurity Developments
As 2026 gets underway, the European Union enters a pivotal year for data protection, AI governance, and cybersecurity regulation, among other matters. EU institutions and national authorities are expected to progress a number of significant digital‑policy files, roll‑out new cyber‑resilience obligations, and make transparency in the privacy space a top priority. Below is an overview
What Does My Inbox Say About Privacy These Days?
I realized that the super random variety of emails, LinkedIn messages, and phone calls that I have weekly offers a unique lens into what’s happening in privacy.
People always ask me, what are other companies doing? So, I figured what better place than this privacy perspective newsletter to share what I’m seeing and what it
California AI and Privacy Legislation Update – January 2026
The new year is off to a quick start. February looms. Businesses are beginning to settle into 2026, and some trends (or at least outlines of such) are beginning to emerge. Businesses are digesting the AI and privacy bills that were signed into law last Fall. California Invasion of Privacy Act (CIPA) litigation shows no
Rhode Island’s New Privacy Law: An Overview and Highlighted Differences
As in Indiana and Kentucky, the start of 2026 brought into effect Rhode Island’s comprehensive consumer privacy law, the Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA). This statute is not simply a replica of what has come before it.
While much of its terminology and mechanics will feel familiar to organizations already
Why Data Inventories Fail (and What Privacy Teams Actually Need Instead)
While I know you’re excited to read ALL about data inventories, I’m most excited to tell you that I’ve been recording a training session all week in California. It’s something I’ve been working on for over a year, and I can’t wait to have it released soon!
Oh, and if you want to hear all
What to Expect in AI Regulation in 2026
The past year set up a clear clash between federal deregulatory efforts and state-level AI rulemaking, and 2026 is poised to be the year that conflict materializes in earnest. The Trump Administration signaled a strong preference for scaling back AI-specific rules while exploring avenues to preempt state and local measures, even as a growing number
The Hidden Legal Minefield: Compliance Concerns with AI Smart Glasses, Part 4: Data Security, Breach Notification, and Third-Party AI Processing Risks
As we have discussed in prior posts, AI-enabled smart glasses are rapidly evolving from niche wearables into powerful tools with broad workplace appeal — but their innovative capabilities bring equally significant legal and privacy concerns.
- In Part 1, we addressed compliance issues that arise when these wearables collect biometric information.
- In Part 2,
HHS Proposes Changes to the Health IT Certification Program and Information Blocking Regulations in HTI-5 Proposed Rule
On December 29, 2025, the U.S. Department of Health and Human Services (“HHS”), through the Assistant Secretary for Technology Policy (“ASTP”)/Office of the National Coordinator for Health Information Technology (“ONC”) (collectively, “ASTP/ONC”), issued a proposed rule to update its Health Data, Technology, and Interoperability (“HTI”) regulations, as well as a notice to withdraw prior proposals