Key ECPA decision outlines important exceptions to the Wiretap Act
2/4/26
By: Michael Brown
On January 13, 2026, the U.S. District Court for the Northern District of Illinois issued a significant opinion in Lisota v. Heartland Dental, LLC and RingCentral, Inc., a case involving popular AI-enhanced recording tools in healthcare …
A first look at NIST’s new cyber AI framework
1/26/26
By: Jacob Berlinger and Jason Weiss
The National Institute of Standards and Technology (NIST) recently released their initial preliminary draft of NIST IR 8596, also known as the Cybersecurity Framework Profile for Artificial Intelligence. This new cybersecurity framework signals …
Indiana releases new Consumer Data Protection Bill of Rights
12/15/25
By: Jacob Berlinger and Jason G. Weiss
Indiana is preparing residents for the upcoming Indiana Consumer Data Protection Act (“CDPA”), which takes effect January 1, 2026, by releasing the Consumer Data Protection Bill of Rights (“CDPBR”). On November 25, 2025, …
Florida enters the privacy enforcement arena: Why companies need to take note
12/1/25
By: Jacob Berlinger and Zohar Peleg
The Sunshine State has officially stepped into the privacy-enforcement arena. On October 13, 2025, Florida Attorney General James Uthmeier announced that the Office of Parental Rights filed a civil enforcement action against Roku, Inc. …
Are you actually covered? A cyber insurance warning for real estate attorneys
12/1/25
By: William R. Covino and Nancy M. Reimer
For real estate practitioners, this might be the most important client alert you read this year. Imagine this scenario: you are a real estate closing attorney who has received the funds necessary …
11/19/25
By: Jacob Berlinger and Alexia Roney
In 2023, India enacted the Digital Personal Data Protection Act (“DPDP Act”), the first standalone data protection legislation governing the requirements for collection and processing of digitized personal data. The DPDP Act is guided …
Emerging issues in data breach litigation: Duty of care under Georgia law
11/19/25
By: Jacob Berlinger and David Cole
Beyond the familiar challenges of establishing standing and proving injury from a data breach, courts are increasingly grappling with threshold questions about the viability of plaintiffs’ legal theories. One recurring issue is whether—and to …
Hillsdale decision extends VPPA to free, educational content
11/17/25
By: Michael Brown and Emily Mayfield
A recent decision by the U.S. District Court for the Western District of Michigan has expanded the interpretation of who may qualify as a “video tape service provider” under the Video Privacy Protection Act …
AI-powered cyber threats: What everyone needs to know
11/6/25
By: Jason G. Weiss
A new report from Anthropic, a leading Artificial Intelligence (AI) company, highlights a troubling development in the cybersecurity landscape: threat actors are now using AI to automate nearly every step of a cyber extortion scheme. …
CCPA/CPRA amended regulations approved and effective January 1, 2026
9/25/25
By: Danielle A. Ocampo
The California Office of Administrative Law (OAL) approved the most recent amendments to the CCPA regulations to take effect January 1, 2026.
How Did We Get Here?
The California Consumer Privacy Act (CCPA) of 2018, effective …
“Juice jacking”: A hidden cyber threat in public charging stations
9/23/25
By: Jason G. Weiss
In today’s hyperconnected world, our mobile devices are lifelines for both personal and professional communication. When batteries run low, travelers often rely on the convenience of public-charging stations in airports, hotels, coffee shops and other high-traffic …
Congress ready to implement new cyber incident and ransomware payment reporting legislation
9/8/25
By: Michele B. Focht and Jason G. Weiss
Cybersecurity is about to take a more prominent position within the Federal government. In 2022, the United States Congress passed critical legislation that includes new cybersecurity provisions requiring critical infrastructure providers to …