On December 22, the Federal Trade Commission (“FTC”) issued an order setting aside its 2024 final consent order against Rytr, LLC (“Rytr”) on the grounds that the facts alleged in the Rytr complaint did not violate Section 5. The Commission further found that the Rytr order did not provide any benefit to consumers and thus unduly
2026 Year in Preview: Global Minors’ Privacy and Online Safety Predictions
In 2025, lawmakers and enforcement agencies around the globe have kept one issue firmly in the spotlight: the privacy and safety of minors online. This heightened focus shows no sign of abating, with early indications that companies should expect to see more legislative and regulatory initiatives in the year ahead.
In this post, we identify
Welcome to Privacy Perspectives
As someone who’s been in the privacy world for the better part of the last decade, I think 2026 is going to be a pivotal year. In fact, I think that there are some big things coming that could completely shake everything up.
I’m always asked what am I seeing in the privacy space? What
German Government Proposes GDPR Reform to Shift Responsibility to Manufacturers
On December 4, 2025, the German Federal Government published its Federal Modernization Agenda, setting out a series of suggested amendments to the GDPR and the Federal Data Protection Act (Bundesdatenschutzgesetz). Among the key measures, Germany seeks to shift certain responsibilities from users to manufacturers and providers of standard IT products—following the model of the
NIST Publishes Preliminary Draft of Cybersecurity Framework Profile for Artificial Intelligence for Public Comment
On December 16, 2025, the U.S. National Institute of Standards and Technology (“NIST”) published a preliminary draft of the Cybersecurity Framework Profile for Artificial Intelligence (“Cyber AI Profile” or “Profile”). According to the draft, the Cyber AI Profile is intended to “provide guidelines for managing cybersecurity risk related to AI systems [and] identify[] opportunities for
The Intersection of Privacy and AI Governance: What Companies Need to Know
Let’s say your marketing team needs better deadline tracking for its social media campaigns.
Instead of adapting the project management system the company already uses—the one with established workflows, integrations, and historical data—the marketing department goes all in on a new tool specifically “built for marketing teams.”
Now marketing is entering deadlines in two places,
On the Tenth Day of Data… Looking Back at 2025 and Ahead to NYDFS Enforcement Priorities in 2026
While 2025 may have brought questions about the level of enforcement we would see from federal regulators, there was no question that state regulators would continue to be active, especially in the financial privacy space. In 2025, we saw the New York Department of Financial Services (NYDFS) implement the final phases of amendments to its
The Hidden Legal Minefield: Compliance Concerns with AI Smart Glasses, Part 3 –Privacy, Surveillance, and Labor Law Violations
As we have discussed in prior posts, AI-enabled smart glasses are rapidly evolving from niche wearables into powerful tools with broad workplace appeal — but their innovative capabilities bring equally significant legal and privacy concerns. In Part 1, we addressed compliance issues that arise when these wearables collect biometric information. In Part 2,
On the Ninth Day of Data… State of the States: This Year’s Key Privacy Law Developments Across the U.S. States
The continued absence of a comprehensive federal privacy law once again positioned state legislatures as the primary forces behind data privacy developments in the U.S. this year. In 2025, eight new comprehensive state privacy laws took effect, adding to a growing patchwork of regulations that now spans 20 states. These laws generally reinforce established standards
On the Eighth Day of Data… AI Regulation – A 2025 Recap and a Look Ahead to 2026
In 1950, reflecting on the future of machine intelligence, Alan Turing observed: “We can only see a short distance ahead, but we can see plenty there that needs to be done.” With several large language models, most notably OpenAI’s GPT-4.5, passing the Turing Test in 2025, some governments have taken steps towards stricter regulation this