On June 5, 2025, the UK’s Information Commissioner’s Office (“ICO”) launched its new AI and biometrics strategy. The strategy aims to increase its scrutiny of AI and biometric technologies focusing on three priority situations, namely where: stakes are high;
On June 26, 2025, the Council and the European Parliament reached a provisional agreement on modernizing the EU’s framework for alternative dispute resolution (ADR) in consumer matters.
The current ADR framework—established in Directive 2013/11/EU (ADR Directive)—has not been amended since
On July 8, 2025, the Eighth Circuit issued a per curiam decision that vacated the FTC’s revised Negative Option Rule in its entirety. The opinion will become effective when the court issues its mandate, which should happen within seven weeks
Since the beginning of 2025, there have been a flurry of bills introduced at the state and federal level related to genetic privacy, which follows a similar trend over the past several years. These bills have focused on a range
On June 10, 2025, the Finnish Data Protection Ombudsman published a decision (in FI) where it found that the processing of personal data for enforcing parking violations was unlawful because the enforcement mechanism was not described in the parking rental
On June 6, 2025, President Trump issued an Executive Order (“Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144”) (the “Order”) that modifies certain initiatives in prior Executive Orders issued by
On May 22, 2025, the Cybersecurity and Infrastructure Security Agency (“CISA”), which sits within the Department of Homeland Security (“DHS”) released guidance for AI system operators regarding managing data security risks. The associated press release explains that the guidance provides
In May 2025, the Court of Justice of the EU (“CJEU”) ruled on five cases applying EU consumer protection law. This blog post provides an overview of the decisions.
In February 2025, the European Commission published two sets of guidelines to clarify key aspects of the EU Artificial Intelligence Act (“AI Act”): Guidelines on the definition of an AI system and Guidelines on prohibited AI practices. These guidelines
In February 2025, the European Commission published two sets of guidelines to clarify key aspects of the EU Artificial Intelligence Act (“AI Act”): Guidelines on the definition of an AI system and Guidelines on prohibited AI practices. These guidelines