We recently published an alert that highlights recent developments in the case filed by X.AI LLC seeking to enjoin enforcement of Colorado’s Senate Bill 24-205 (SB-24-205), often referred to as the Colorado AI Act (the AI Act). The AI Act
Current approaches to agentic AI governance seem more focused on trying to apply governance after a system is developed, like a Band-Aid, instead of baking in reasonable governance and controls into the guts of the system. In the same way
A popular public AI tool has been accused in federal court of practicing law without a license. Please see the post on the Artificial Intelligence page of Inside Tech Law: AI in litigation series: Complaint accuses OpenAI of practicing law
We recently drafted an article that discussed court decisions that reached very different conclusions about how the attorney-client privilege and work product doctrine apply to materials submitted to and created by generative AI (GenAI) tools. A recent decision from the
Every year, Privacy Day gives organizations a moment to pause and reflect on how rapidly the data landscape is shifting, but 2026 feels different. The conversation has moved beyond compliance checklists and breach headlines. Privacy is moving beyond legal, shaping
The ICO has kicked off 2026 with sharing its early thoughts on the data protection implications of agentic AI in its ICO tech futures: Agentic AI report. The report considers the novel data protection risks presented by agentic AI.
On November 10, 2025, New York’s disclosure law on algorithmic pricing went into effect. This post will describe the law, a recent federal court case, and some potential effects, using precise geolocation data as an example.
The law
The law
The EU Commission recently held a call for evidence on “simplification” of legislation in the data, cybersecurity, and AI space, ahead of a “Digital Omnibus” Act. These changes look to make the EU’s digital rulebook more innovation-friendly, supporting the Commission’s
On September 23, 2025, Italy adopted Law no. 132/2025 on Artificial Intelligence (AI). The law will enter into force on 10 October 2025 and aims, inter alia, to complement the Regulation EU 2024/1689 (EU AI Act).
The Court of Justice of the European Union (CJEU) has delivered its judgment on case C 413/23 P European Data Protection Supervisor (EDPS) v Single Resolution Board (SRB). The CJEU has confirmed that pseudonymised