On October 13, 2025, California concluded a busy legislative term by enacting a slew of key privacy and AI-related bills, aimed at enhancing consumer protection and regulating emerging AI technology applications. These measures address a range of critical issues, including consumer opt-out signals, data broker transparency requirements, age assurance, minors’ safety, companion chatbots, and AI
Is a CCPA “Risk Assessment” Required When Using Dashcams?
Key Takeaways
- Outlines basic steps to determine whether a business may need to perform a risk assessment under the California Consumer Privacy Act (CCPA) in connection with its use of dashcams
- Provide a resource for exploring the basic requirements for conducting and reporting risk assessments
If you have not reviewed the recently approved, updated CCPA
Happy Cyber Awareness Month
Happy October and Cyber Awareness Month! While October ends with ghosts and goblins and other scary monsters for Halloween, the entire month of October is dedicated to raising awareness of cyber security and preventing (and if necessary responding to) cyber security incidents.
It is hard in this day and age not to be aware of
Building Cybersecurity Programs That Meet Privacy Regulations
October has rolled around again. It’s a month that marks two big events: Cybersecurity Awareness Month and Halloween.
But if you think we’re going to play off horror movie tropes to talk about the importance of cybersecurity, surprise! We’re taking things in another direction this year. Instead of scary scenarios, we’re going to talk about
Legal Framework for AI in Mental Healthcare
Introduction
Artificial intelligence (AI) is increasingly being used in mental healthcare for functions such as clinical decision support, notetaking and transcription, symptom screening and triage, administrative and operational improvements, augmenting the provider-patient relationship, post-visit remote monitoring, and companionship.
Your Year-end U.S. Privacy “To Do” List – don’t wait until the holiday crush to become 2026-ready
The California Consumer Privacy Act (CCPA) requires that privacy notices be updated annually, and that the detailed disclosures it proscribes be in those notices reflect the 12-month period prior to the effective (posting) date. Interestingly, failure to make annual updates was one of several alleged CCPA violations that resulted in a recent $1.35 Million administrative
AI Adoption Surges Among S&P 500 Companies—But So Do the Risks
According to Cybersecurity Dive, artificial intelligence is no longer experimental technology as more than 70% of S&P 500 companies now identify AI as a material risk in their public disclosures, according to a recent report from The Conference Board. In 2023, that percentage was 12%.
The article reports that major companies are no longer
Why Security Awareness Training Matters
New CCPA Rules Are Here: Is Your Business Ready for What’s Next?
In a significant step toward strengthening consumer privacy protections, the California Privacy Protection Agency (CPPA) board has officially adopted a comprehensive set of updates to the California Consumer Privacy Act (CCPA) regulations. These long-anticipated regulations—covering cybersecurity audits, risk assessments, and automated decision-making technology (ADMT)—mark a pivotal shift in the state’s data privacy enforcement landscape.
Italy’s Law No. 132/2025 on Artificial Intelligence
On September 23, 2025, Italy adopted Law no. 132/2025 on Artificial Intelligence (AI). The law will enter into force on 10 October 2025 and aims, inter alia, to complement the Regulation EU 2024/1689 (EU AI Act).