The Legal 500 United States recognizes practice area teams and practitioners who are “providing the most cutting edge and innovative advice to corporate counsel,” according to the publisher. The recognitions are based on feedback from more than 300,000 clients worldwide, law firm submissions, and interviews with private practice lawyers, in addition to The Legal 500’s independent research.

Click here to see the full list of Greenberg Traurig attorneys and practices recognized in The Legal 500 United States 2025 edition.

The recently issued guidance makes evident NSD’s intent to make the DSP an enforcement priority for this administration. Access to Americans’ bulk sensitive or personal data or U.S. government-related data increases the ability of countries of concern to engage in a wide range of malicious activities. The DSP is currently subject to a 90-day initial enforcement period, which is a limited enforcement window to give individuals and companies additional time to bring their transactions and processes into compliance with the DSP. After July 8, 2025, NSD will implement full enforcement of the DSP.

Click here to continue reading the full GT Alert.

Notable Court Decisions

The Salesforce Decision

A recent decision by the Fifth Circuit held that a suit brought by sex trafficking victims against Salesforce for allegedly participating in a sex trafficking venture could move forward. The Court ruled that under certain circumstances, companies such as Salesforce that provide web-based business services to entities or individuals engaged in sex trafficking may be civilly liable as a beneficiary of a sex trafficking venture. The decision interprets Section 230 of the Communications Decency Act (“Section 230”), which generally protects web platform hosts from liability for content created by users. This is the most recent in a series of decisions limiting Section 230’s protections for entities that fail to take measures to prevent the use of their services by criminal actors engaged in sex trafficking.

The plaintiffs in Doe v. Salesforce are a group of sex trafficking victims who were trafficked through Backpage.com (“Backpage”), a Craigslist-type platform notorious for its permissiveness and encouragement of sex trafficking advertisements. They seek to hold Salesforce civilly liable under 18 U.S.C. § 1595, which creates a cause of action for victims against anyone who “knowingly benefits ... from participation in a [sex trafficking] venture.” Salesforce allegedly provided Backpage cloud-based software tools and related services, including customer relationship management support. The Plaintiffs allege that Salesforce was aware that Backpage was engaged in sex trafficking, citing, inter alia, emails between Salesforce employees and a highly publicized Congressional report that found that Backpage actively facilitated prostitution and child sex trafficking.

Salesforce moved for summary judgment, arguing that Section 230 served as a complete bar to liability. While courts have generally interpreted Section 230 broadly in dismissing claims against internet platform hosts that are premised on the ways in which others use those platforms, the statute has been increasingly under fire by legislators and courts alike. Lawmakers on both sides of the aisle have discussed amending or repealing Section 230 in recent years and courts have slowly chipped away at the broad immunity by interpreting the statute more narrowly. This trend has been especially stark in cases dealing with sex trafficking and child sexual abuse. The Fifth Circuit’s decision in Doe v. Salesforce is a prime example of this, and a substantial step away from the breadth of protections afforded under earlier interpretations of Section 230.

The Fifth Circuit rejected a “but-for test,” which would shield a defendant if a cause of action would not have accrued without content created and posted by a third party. Salesforce advocated for what the court dubbed the “only-link” test, which would protect defendants when the only link between the defendant and the victims is the publication of third-party content. The Court rejected that argument, instead ruling that “the proper standard is whether the duty the defendant allegedly violated derives from their status as a publisher or speaker or requires the exercise of functions traditionally associated with publication.” The key question is whether the claim treats the defendant as a publisher or speaker. The Fifth Circuit found that the duty the plaintiffs alleged Salesforce breached was “a statutory duty to not knowingly benefit from participation in a sex-trafficking venture.” Because this duty is unrelated to traditional publishing functions, Section 230 does not serve as a shield. This decision underscores the need for companies to establish processes that will identify potential dangers of trafficking in or in relation to their businesses including but not limited to facilitation of trafficking using online platforms. Without proper safeguards, even businesses providing neutral tools and operations support may be held civilly liable for the harms the users of their services perpetrate.

Garcia v. Character Technologies, Inc. et al.

The mother of a fourteen year old boy prevailed on a motion to dismiss her lawsuit against Character Technologies, Google, Alphabet, and two individual defendants in connection with the suicide of her child. The plaintiff alleged that her son was a user of Character A.I., which the Court describes as “an app that allows users to interact with various A.I. chatbots, referred to as ‘Characters.’” The Court also describes these “Characters” as “anthropomorphic; users interactions with Characters are meant to mirror interactions a user might have with another user on an ordinary messaging app.” In other words, it is intended to and gives the impression to the user that he is communicating with a real person. The plaintiff alleged that the app had its intended impact on her child; she asserted that her son was addicted to the app and could not go one day without communicating with his Characters, resulting in severe mental health issues and problems in school. When his parents threatened to take away his phone, he took his own life. The plaintiff filed suit asserting numerous tort claims, along with an alleged violation of Florida’s Unfair Trade and Deceptive Practices Act and under a theory of unjust enrichment

In denying the motion to dismiss, Judge Anne Conway, District Court Judge for the Middle District of Florida, made several notable rulings. Among them, she found that the plaintiff had adequately pled that Google is liable for the “harms caused by Character A.I. because Google was a component part manufacturer” of the app, deeming it sufficient that plaintiff pled that Google “substantially participated in integrating its models” into the app, which allegedly was necessary to build and maintain the platform. She also found that the plaintiff sufficiently pled that Google was potentially liable for aiding and abetting the tortious conduct because the amended complaint supported a “plausible inference” that Google possessed actual knowledge that Character’s product was defective. The Court further found that the app was a product, not a service, and that Character A.I.’s output is not speech protected by the First Amendment. The Court determined that plaintiff had sufficiently pled all her tort claims with the exception of her claim of intentional infliction of emotional distress, along with allowing her claims to go forward under Florida’s Deceptive and Unfair Trade Practices Act, and a theory of unjust enrichment.

New York v. TikTok

In October 2024, the Attorney General for State of New York filed suit against TikTok to hold it “accountable for the harms it has inflicted on the youngest New Yorkers by falsely marketing and promoting” its products. The following day, Attorney General James released a statement indicating that she was co-leading a coalition of 14 state Attorneys General each filing suit against TikTok for allegedly “misleading the public” about the safety of the platform and harming the mental health of children. Lawsuits were filed individually by each member of the coalition and all allege that TikTok violated the law “by falsely claiming its platform is safe for young people.” The press release can be found here.

The New York complaint includes allegations regarding the addictive nature of the app and its marketing and targeting of children, causing substantial mental health harm to minors. The complaint additionally includes allegations that TikTok resisted safety improvements to its app to boost profits, made false statements about the safety of the app for minors, and misrepresented the efficacy of certain safety features. The complaint asserts nine causes of action, including violations of New York law relating to fraudulent business conduct, deceptive business practices, and false advertising, along with claims asserting design defects, failure to warn, and ordinary negligence. In late May, Supreme Court Justice Anar Rathod Patel mostly denied TikTok’s motion to dismiss in a brief order that did not include her reasoning, allowing the case to proceed.

Federal Legislative and Regulatory Developments

President Trump Signs the TAKE IT DOWN Act; The Kids Online Safety Act (KOSA) is reintroduced

President Trump signed the “TAKE IT DOWN Act” on May 19, 2025. The bill criminalizes the online posting of nonconsensual intimate visual images of adults and minors and the publication of digital forgeries, defined as the intimate visual depiction of an identifiable individual created through various digital means that, when viewed as a whole, is indistinguishable from an authentic visual depiction. The statute also criminalizes threats to publish such images. The bill additionally requires online platforms to establish no later than one year from enactment clear processes by which individuals can notify companies of the existence of these images and a requirement that the images be removed “as soon as possible, but not later than 48 hours” after receiving a request. The bill in its entirety can be found here.

Also in May, the Kids Online Safety Act (KOSA) was reintroduced in the Senate by a bipartisan group of legislators. In connection with their announcement of the revised version of KOSA, Senators Blackburn and Blumenthal thanked Elon Musk and others at X for their partnership in modifying KOSA’s language to “strengthen the bill while safeguarding free speech online and ensuring it’s not used to stifle expression” and noted the support of Musk and X to pass the legislation by the end of 2025. In its May announcement, the senators noted that the legislation is supported by over 250 national, state and local organizations and further gained the support of Apple. KOSA provides that platforms “shall exercise reasonable care in the creation and implementation of any design feature to prevent and mitigate” listed harms to minors where those harms were reasonably foreseeable. Those harms include eating disorders, depressive and anxiety disorders, compulsive use, online harassment, and sexual and financial exploitation. It requires that platforms provide minors (and parents) with readily accessible and easy to use safety tools that limit communication with the minor and limit by default access to and use of certain design features by minors. The legislation further mandates reporting tools for users and the establishment of internal processes to receive and substantively review all reports. The current version of KOSA is lengthy and contains numerous additional mandates and notice requirements including third party audits and public reporting regarding compliance. The most recent version of KOSA can be found here.

New COPPA Rule Takes Effect June 23, 2025

The Federal Trade Commissions (FTC) has amended the Children’s Online Privacy Protection Rule (“COPPA Rule”) effective June 23, 2025. COPPA imposes obligations on entities operating online that collect the personal information of children under the age of thirteen. The new COPPA Rule seeks to address new challenges in the digital landscape.

Under the new COPPA Rule, the FTC will consider additional evidence in determining whether a website or online service is directed at children. COPPA applies wherever children under the age of thirteen are a website or service’s intended or actual audience, and the FTC applies a multifactor test for assessing this. Under the new COPPA Rule, the FTC will now consider “marketing or promotional materials or plans, representations to consumers or to third parties, reviews by users or third parties, and the age of users on similar websites or services.” While FTC has stated that this amendment simply serves to clarify how it analyzes the question of whether a website is child-directed (rather than acting as a change in policy), online operators should note that whether they are subject to COPPA depends in part on elements outside of their control—such as online reviews and the age of users of their peer websites and services.

The type of information protected by COPPA will also expand. COPPA mandates that websites and online services directed at children under the age of thirteen obtain verifiable parental consent before collecting, using, or disclosing any personal information from children. To date, this has included details like names, addresses, phone numbers, email addresses, and other identifiable data. The new COPPA Rule expands this definition to include biometric identifiers “that can be used for the automated or semi-automated recognition of an individual, such as finger prints; handprints; retina patterns; iris patterns; genetic data, including a DNA sequence; voiceprints; gait patterns; facial templates; or faceprints[.]” The definition will also include government identifiers such as social security or passport numbers, and birth certificates.

Data security requirements have also been enhanced. Operators subject to COPPA must maintain a written data security program, designate one or more employees to coordinate it, and conduct an annual assessment of risks. If they share any protected data with third parties, the disclosing party must ensure that the third party has sufficient capability and policies in place to maintain the data securely and within the bounds of COPPA regulations. Notably, the new COPPA Rule forbids indefinite retention of data, requiring that operators only retain protected information as long as is reasonably necessary to serve the purposes for which it was collected.

The new COPPA Rule contains a number of other policy changes, such as enhanced requirements for parental notice and control regarding the data collected, stored, and shared with third parties, new mechanisms for obtaining parental consent, and changes to an exception to the bar on collecting children’s data without parental consent for the limited purpose of determining whether a user is a child under the age of thirteen.

Entities operating a business or service online that may be used by children under the age of thirteen—even where children are not the intended audience—should carefully review the new rule, and take steps to ensure they are in full compliance. The new rule underscores the FTC’s continued interest in this space and its desire to take action against online services for practices it views as posing unacceptable risks to children’s privacy and online safety.

Senate Judiciary Committee, Subcommittee on Privacy, Technology, and the Law Holds Hearing on AI-Generated Deep Fakes

On May 21, the Senate Judiciary Committee’s subcommittee on privacy, technology and the law held a hearing titled, “The Good, the Bad, and the Ugly: AI-Generated Deep Fakes in 2025.” Witnesses included representatives of the Recording Industry Association of America, Consumer Reports, and YouTube, along with multi-award winning musician Martina McBride. They all testified about the potential benefits of AI, but also the potential harms to creators, including musicians, and different but substantial harms to consumers. The witnesses discussed specific examples of the images and voices of both known and lesser-known innocent individuals used to defraud and exploit others, impacting reputations and livelihoods. A representative from the National Center on Sexual Exploitation (NCOSE) also testified about the pervasive and harmful impact of deep fakes on adults and children when their images are used to create pornography, which is then spread worldwide and unchecked on the internet. All of the witnesses testified in support of the NO FAKES Act of 2025, a bipartisan bill and a compliment to the TAKE IT DOWN Act. The language of the current legislation can be found here. The bill currently provides for a civil cause of action with a detailed penalty regime for individuals who have their image or voice used without their permission and protects online service providers from liability if those providers have systems in place to identify and address the publication and dissemination of deep fakes. The bill also provides for legal process for individuals to obtain information from providers regarding the source of the published materials. The current version additionally endeavors to preempt state law, stating that the “rights established under this Act shall preempt any cause of action under State law for the protection of an individual’s voice and visual likeness rights in connection with a digital replica, as defined in this Act, in an expressive work.”

What are we discussing with clients?

• Note what is NOT publicly available data. That might impact interpretation of other laws with this term.
• Note what IS “reasonably likely to be accessed by minors” for the same reason. It is a very broad term here.
• The duty of care is vague (result based) and thus a tall order to follow.
• Note the legal obligation to have terms of use and community standards (a first?).
• Note the very extensive transparency obligations. This is a privacy notice PLUS PLUS, with detail and retention terms for every feature and information on the algorithms.

In more detail

It applies if you:

• Conduct business in Vermont.
• Generate a majority of your annual revenue from online services.
• Are reasonably likely to be accessed by a minor.
• Determine the purpose and means of processing of personal data.

The law includes a lot of unique carve outs from “publicly available information,” so the following is still personal data:

• Biometric data collected without knowledge.
• Information that is collated and combined to create a consumer profile.
• Information that is made available for sale.
• Genetic data.

Is the data “reasonably likely to be accessed by minors?” Consider:

• Directed at children under COPPA.
• The service or product is determined, based on either (1) competent and reliable evidence regarding audience composition, or on (2) internal company research or (3) knew or should have known audience to be routinely accessed by an audience that is composed of at least TWO PERCENT minors.
• Data minimization: Only collect/retain/share data that is necessary to provide the service/feature with which the covered minor is actively and knowingly engaged with additional limitation on algorithmic recommendations.

Minimum duty of care

The use of the personal data and the design of an online service, product, or feature or the content of the media viewed will not result in:

• Reasonably foreseeable emotional distress to a covered minor.
• Reasonably foreseeable compulsive use of the online service, product, or feature by a covered minor.
• Discrimination against a covered minor.
• Default settings set to highest levels of privacy which includes blocking known adult users from seeing the minor’s account or specific content or commenting or direct messaging and not displaying the covered minor’s location to other users.

Provide transparency which includes:

• Terms of use, privacy notice and community standards.
• Detailed disclosure per feature, including data retention.
• Purpose of each algorithmic recommendation system.
• Inputs used by the algorithmic recommendation system and how they are used, influence recommendations.

Putting It Into Practice: This amendment demonstrates a growing concern by law makers and regulators around data collected in motor vehicles. We anticipate seeing similar developments in coming months.

Expanded Scope: In what is seen as a general trend, SB 01295 broadens the reach of the CTDPA by lowering exemption thresholds: The law will apply to organizations that control or process the personal data of 35,000 consumers or more, controls or processes any sensitive data, or engage in the sale of personal data. The bill also expands the definition of sensitive data, thereby increasing the number of covered entities.  

Signaling another important trend, the amendment would remove the entity-level exemption for financial institutions under the Gramm-Leach-Bliley Act (GLBA), and instead only exempt data subject to the GLBA. Notably, however, certain types of financial institutions may continue to enjoy entity-level exemptions.

Stricter Regulations for Minors: Social media platforms and online services targeting minors (individuals under 18) would also be subject to heightened obligations and standards, including restrictions related to processing minors’ personal data related to certain risks and automated decisions.

Additional Changes: Additionally, the amended changes would include additional responsibilities placed on data controllers, including those related to consumer rights requests, data protection assessments and privacy notices and disclosures.

***

Although this legislative season has not seen revolutionary new laws passed, amendments in states like Connecticut, Colorado, and Montana are important reminders that changes to existing laws can have significant impacts–both in broadening the scope of their application and in current compliance regimes.

With the amendments, nonprofits are no longer exempt unless they are set up to detect and prevent insurance fraud. Insurers are now similarly exempt.

When a consumer requests confirmation that a controller is processing their data, the controller can no longer disclose but must identify possession of: (1) social security numbers, (2) ID numbers, (3) financial account numbers, (4) health insurance or medical identification numbers, (5) passwords, security questions, or answers, or (6) biometric data.

Privacy notices must now include: (1) personal data categories, (2) controller’s purpose in possessing personal data, (3) categories controller sells or shares with third parties, (4) categories of third parties, (5) contact information for the controller, (6) explanation of rights and how to exercise them, and (7) the date privacy notice was last updated. Privacy notices must be accessible to and usable to people with disabilities and available in each language in which the controller provides a product or service. Any material changes to the controller’s privacy notice or practices require notices to affected consumers and the opportunity to withdraw consent. Notices need not be Montana-specific, but controllers must conspicuously post them on websites, in mobile applications, or through whatever medium the controller interacts with customers.

The amendments further clarified information the attorney general must publicly provide, including an online mechanism for consumers to file complaints. Further, the attorney general may now issue civil investigative demands and need not issue any notice of violation or provide a 60-day period for the controller to correct the violation.

Under the new requirements, covered entities must create a written information security program and designate a person to oversee that program. Covered entities must base their information security programs on a written risk assessment that identifies risks to their customers’ information. The program includes breach response and reporting provisions for incidents that impact customer information. Covered entities will also have to periodically complete new risk assessments to evaluate their security measures and monitor the efficacy of the program.

The law also creates new rules for reporting data breaches. Namely, covered financial companies must notify the North Dakota Commissioner of the Department of Financial Institutions if there is a “notification event.” A notification event occurs when an unauthorized person accesses unencrypted customer information. If this event involves the information of at least 500 customers, the company must notify the Commissioner as soon as possible, but no later than 45 days after discovering the issue. The law states that a covered entity “discovers” an event as soon as any employee, officer, or agent of the corporation learns about it.

Putting it Into Practice: Financial corporations regulated by the North Dakota department of financial institutions should take note of these changes and make updates as might be needed to their security program and incident response plan prior to August 1^st.

Last week, I had the privilege to attend one of the Midwest’s largest artificial intelligence conferences dedicated to AI developers, users, and enthusiasts: Cincy AI Week. During the three-day event, which brought together over 950 local professionals, I spoke on a panel entitled “Managing Risk in the Age of AI and Automation.”

Here are six important observations I shared during that panel:

1.  Organizations needs to shift risk posture from reactive to proactive.

AI technologies are increasingly influencing decision-making, data handling, and customer interactions. Accordingly, legal risks – from security incidents and data breaches to algorithmic bias – are no longer hypothetical, but imminent. Organizations must embed legal and ethical oversight into each stage of AI development and deployment, rather than addressing issues only after they arise. This means engaging legal counsel early, implementing clear accountability frameworks (see below), and ensuring transparency and auditability in AI systems. Doing so not only mitigates risk, but also builds trust with regulators, clients, and stakeholders in a rapidly evolving legal landscape.

2. Data governance, vendor risk, and internal misuse remain major vulnerabilities for organizations adopting AI tools.

As organizations rapidly adopt AI tools, many overlook risk exposure in data governance, vendor risk, and internal misuse; each posing significant legal and regulatory exposure. Inadequate data governance can lead to incidents of unauthorized use of sensitive or non-compliant data in model training. Such unauthorized use could constitute violations of data protection laws such as GDPR, CCPA, HIPAA, and various state consumer privacy laws. Meanwhile, reliance on third-party AI vendors without thorough due diligence or contractual safeguards can expose organizations to hidden liability such as intellectual property infringement and undisclosed model risks. Internally, the misuse of AI – whether through employee error, lack of oversight, or improper prompts – can result in biased outputs, misinformation, or breaches of confidentiality. Without a comprehensive legal strategy to address these gaps, businesses risk serious reputational, financial, and legal consequences.

3. Legal and technical teams need to collaborate on AI risk management.

Effective AI risk management demands close collaboration between legal and technical teams because the challenges posed by AI straddle both legal obligations and technical complexities. Legal teams bring critical expertise in regulatory compliance, intellectual property, privacy, and liability. Technical teams, on the other hand, understand how AI models are built, trained, and deployed; thereby giving technical teams insight into an AI model’s limitations and potential for unintended outcomes. Without alignment, organizations risk (a) legal teams overlooking how a system actually functions, and (b) technical teams missing key regulatory implications. Instead, by working together from the beginning of the AI development or adoption lifecycle, these teams can design and procure AI systems that are not only innovative and efficient, but also legally sound, transparent, and defensible under regulatory scrutiny. This integrated approach is necessary to mitigate risk, ensure accountability, and maintain trust in an increasingly AI-driven environment.

4.  NIST and ISO frameworks are a great starting point for AI-specific cybersecurity planning.

The National Institute of Standards and Technology (NIST) AI Risk Framework offers structured guidance on identifying, assessing, and mitigating risks unique to AI systems, such as data poisoning, model inversion, and adversarial attacks. Adapting cybersecurity policies, such as those modeled on ISO/IEC 27001 or the NIST Cybersecurity Framework, to address AI-specific vulnerabilities ensures a more resilient security posture. In-house and outside counsel play a critical role in this process by ensuring that these frameworks are aligned with regulatory requirements and contractual obligations; particularly in sectors handling sensitive or high-risk data. Organizations that leverage these frameworks into their AI development lifecycle are better positioned to manage evolving threats while demonstrating compliance and due diligence to regulators, customers, and stakeholders.

5.  Transparency and explainability are essential for managing AI risk.

Legal scrutiny around algorithmic decision-making has intensified over the last two years. Transparency and explainability are not just ethical ideals; they are practical safeguards.  Transparent AI systems allow organizations to understand how decisions are made, which is essential for identifying and mitigating bias, ensuring compliance with anti-discrimination and data protection laws, and responding effectively to audits and litigation. Explainability strengthens accountability by enabling organizations to justify automated decisions to regulators, courts, and impacted individuals in high-risk environments like finance, healthcare, and employment. Lack of explainability, on the other hand, can lead to regulatory penalties, reputational damage, or invalidated outcomes. Building AI systems with transparency and explainability from the outset is a key step in reducing legal risk and fostering trust.

6. Security-first cultures do not need to slow innovation.

Building a security-first culture does not mean stifling progress. Instead, a security-first approach means adopting smart, scalable safeguards into the innovation process from day one (in other words, security-by-design). By aligning legal, security, and technical teams early in the development or adoption lifecycle, organizations can proactively address risks without creating bottlenecks. Clear policies, ongoing employee training, and cross-functional collaboration through an AI Governance Committee ensure that security is treated as a shared responsibility instead of a final checkpoint. This approach empowers teams to innovate with confidence by knowing that privacy, compliance, and risk management are integrated rather than obstructive. 

As AI reshapes how organizations operate, the intersection of cybersecurity, legal compliance, and responsible innovation has never been more critical. The six observations I shared during Cincy AI Week underscore a central theme: managing AI risk is not just a technical or legal challenge; instead, it is a strategic imperative that demands proactive, cross-disciplinary coordination. By merging legal oversight into the development process, embracing transparency, leveraging established frameworks, and fostering a culture where security and innovation go hand-in-hand, organizations can mitigate risk and build resilient, trustworthy AI systems. In other words, as AI continues to evolve, so too must risk strategies.

For more information on data privacy and security regulations, AI, and other data privacy questions, please visit Taft’s Privacy and Data Security Insights blog

As employers prepare for this change, compliance should align hiring practices with broader legal and ethical standards. Transparency and fairness are important considerations associated with the responsible use of AI, and Ontario’s mandatory disclosure requirements take these into account. By being mindful of transparency and fairness when using AI, employers can reduce the risk of running afoul of disclosure requirements while demonstrating a commitment to ethical hiring practices in an increasingly automated landscape.

AI Disclosure Requirements Under Bill 149

Bill 149 amends the ESA by introducing several new requirements, including requirements with respect to AI, which it defines broadly as “a machine-based system that, for explicit or implicit objectives, infers from the input it receives in order to generate outputs such as predictions, content, recommendations or decisions that can influence physical or virtual environment.”[2]

With respect to AI, Bill 149 provides that employers must disclose if AI is used in assessing or selecting candidates in any publicly posted job.

For a detailed summary of the various changes implemented by Bill 149, see our blog post: Ontario’s Working for Workers Four Act receives royal assent | Global law firm | Norton Rose Fulbright.

Scope and Exceptions

These rules apply to external job postings accessible to the public. Notably, Bill 149 exempts:

• Internal postings (for current employees only).
• General “help wanted” signs.
• Recruitment for work performed outside Ontario.

Employers with fewer than twenty-five (25) employees are not currently subject to these obligations.[3]

Legal and Human Rights Considerations

Automated decision-making is increasingly being used by organizations to attract top talent, streamline the hiring process or aid in performance evaluations.[4] However, potential impact of algorithmic bias and the need for transparency generally remain important considerations around the fair and responsible use of AI.

The Ontario Human Rights Commission (OHRC) has flagged AI use in employment as a growing risk, citing the potential for indirect discrimination through algorithmic bias.[5] For example, AI tools trained on historical hiring data could replicate unfair requirements and biased language in job advertisements. This could unintentionally favor certain demographics and exclude others with certain characteristics, thereby potentially infringing rights under the Ontario Human Rights Code (the “Code”).

This means failure to adhere to Bill 149’s AI disclosure requirements may not only trigger ESA enforcement but also human rights complaints under the Code, particularly if AI-driven decisions lead to discriminatory outcomes.

Practical Risk Mitigation Strategies

Although a regulation accompanying Bill 149 was released in late 2024[6] and provides a definition of AI, it does not clarify which specific tools, systems, or processes fall within this definition and would therefore trigger the disclosure requirement for publicly advertised job postings.

The current lack of clarity around what constitutes AI use in job postings under Bill 149 may lead to inconsistent reporting (either underreporting or overreporting) which could inadvertently increase the risk of non-compliance. In the absence of further guidance from the Government of Ontario and given the AI disclosure requirements that are expected to take effect next January, employers should use the intervening months to prepare for compliance and consider taking the following steps:

• Conduct Algorithmic Impact Assessments: Regular audits can identify biased outputs or data gaps in AI tools. Employers should document AI decision logic and test for discriminatory patterns.
• Develop Transparent Disclosure Practices: While Bill 149 does not clarify the exact language to meet the AI disclosure requirements, to err on the side of caution, job postings should clearly state how AI is used in the recruitment and onboarding process, and at what stages.
• Integrate Human Oversight: Employers already using AI should consider a “human-in-the-loop” approach for hiring practices. This helps ensure final hiring decisions are reviewed and contextualized by HR professionals in order to limit overreliance on algorithmic judgment and prevent undesired results (for example, inadvertently excluding certain demographics from the hiring pool due to poor training data relied-upon by AI models). The OHRC also recommends that employers demonstrate a reasonable degree of transparency associated with the AI solutions that are leveraged during the course of the hiring process.
• Train HR and Legal Teams: Staff should be possessed of a clear understanding of how AI is deployed by their organizations, as well as having a firm grasp of what their associated legal disclosure and privacy obligations are. This includes reviewing and auditing existing practices and policies and conducting gap analyses to prepare for new obligations under Bill 149, such as the adoption of an AI governance framework for the responsible use of AI.
• Review Vendor Agreements: If an employer is using third-party AI solutions to assist with hiring, it would be advisable to confirm that such solutions will be compliant with Bill 149, and to the extent there are compliance gaps, remediate same by way of contractual amendments.

Key Takeaways

Ontario’s Bill 149 introduces new AI disclosure requirements that reflect the growing role of AI use in hiring practices. As these rules come into effect, businesses should begin assessing how AI is used in their recruitment processes and take steps to align with evolving legal expectations. While the focus is on transparency and fairness, these principles now carry legal weight across employment, human rights, and privacy frameworks. This is particularly important in the context of a gatekeeping function such as the hiring of employees. Employers must remain aware of and make efforts to mitigate against the risks associated with AI systems that may have a material adverse impact on individuals, whether by act or omission. Preparing early can help organizations navigate these changes smoothly and responsibly.

[1] Bill 149, Working for Workers Four Act, 2024.

[2] Section 2(1), Employment Standards Act, Ontario regulation 476/24, 2024.

[3] Section 2(1), Employment Standards Act, Ontario regulation 476/24, 2024.

[4] AI eases the burden of repetitive HR work, but the human touch is still needed, Globe and Mail (2024).

[5] Ontario Human Rights Commission Submission to the Standing Committee on Social Policy Regarding Bill 149, Working for Workers Four Act, 2023.

[6] Section 2(1), Employment Standards Act, Ontario regulation 476/24, 2024.

If the law goes unchallenged, unlike other states it creates a private right of action. Anyone who violates the act may be subject to a lawsuit brought by an injured party. They may be ordered to pay damages, attorney’s fees, and other relief. In addition, the Nebraska Attorney General can enforce the law and seek penalties of up to $2,500 per violation.

Obligations placed on social media companies under the law include:

• Age verification: Social media companies (or their vendors) will need to verify the ages of all people that attempt to create an account. It would restrict anyone under 18 from creating an account. And, the law specifically requires that social media companies delete identifying information they get when checking user ages.
• Parental consent: The law requires parental consent before minors can create social media accounts. They must also give parents mechanisms to revoke their consent. If a parent revokes their consent, the social media company must remove the account of that parent’s child and must stop a child from creating a new account unless the parent provides consent.
• Parental supervision: Parents will need to be given a way to supervise their children’s social media use. This includes access to their children’s posts and messages, and controls over their privacy and account settings. In addition, parents must be able to monitor and limit the amount of time the minor spends using the social media site.

Putting it Into Practice: Nebraska joins a growing number of states attempting to regulate children’s use of social media. We will continue to monitor the status of this new Nebraska law before mid-2026, but anticipate seeing other similar legislation from other states.

AI-Generated Phishing & Social Engineering

Cybercriminals now use generative AI to craft near-perfect phishing messages—complete with accurate tone, logos, and language—making them hard to distinguish from real communications . Voice cloning tools enable “deepfake” calls from executives, while deepfake video can simulate someone giving fraudulent instructions.

Thanks to AI, according to Tech Advisors, phishing attacks are skyrocketing—phishing surged 202% in late 2024, and over 80% of phishing emails now incorporate AI, with nearly 80% of recipients opening them. These messages are bypassing filters and fooling employees.

Adaptive AI-Malware & Autonomous Attacks

It is not just the threat actors but the AI itself that drives the attack. According to Cyber Defense Magazine reporting:  

Compared to the traditional process of cyber-attacks, the attacks driven by AI have the capability to automatically learn, adapt, and develop strategies with a minimum number of human interventions. These attacks proactively utilize the algorithms of machine learning, natural language processing, and deep learning models. They leverage these algorithms in the process of determining and analyzing issues or vulnerabilities, avoiding security and detection systems, and developing phishing campaigns that are believable.

As a result, attacks that once took days now unfold in minutes, and detection technology struggles to keep up, permitting faster, smarter strikes to slip through traditional defenses.

Attacks Against AI Models Themselves

Cyberattacks are not limited to business email compromises designed to effect fraudulent transfers or to demand a ransom payment in order to suppress sensitive and compromising personal information. Attackers are going after AI systems themselves. Techniques include:

• Data poisoning – adding harmful or misleading data into AI training sets, leading to flawed outputs or missed threats.
• Prompt injection – embedding malicious instructions in user inputs to hijack AI behavior.
• Model theft/inversion – extracting proprietary data or reconstructing sensitive training datasets.

Compromised AI can lead to skipped fraud alerts, leaked sensitive data, or disclosure of confidential corporate information. Guidance from NIST, Adversarial Machine Learning A Taxonomy and Terminology of Attacks and Mitigations, digs into these quite a bit more, and outlines helpful mitigation measures.

Deepfakes & Identity Fraud

Deepfake audio and video are being used to mimic executives or trusted contacts, instructing staff to transfer funds, disclose passwords, or bypass security protocols.

Deepfakes have exploded—some reports indicate a 3,000% increase in deepfake fraud activity. These attacks can erode trust, fuel financial crime, and disrupt decision-making.

Supply Chain & Third-Party Attacks

AI accelerates supply chain attacks, enabling automated scanning and compromise of vendor infrastructures. Attackers can breach a small provider and rapidly move across interconnected systems. These ripple-effect attacks can disrupt entire industries and critical infrastructure, far beyond the initial target. We have seen these effects with more traditional supply chain cyberattacks. AI will only amplify these attacks.  

Enhancing Cyber Resilience, Including Against AI Risks

Here’s some suggestions for stepping up defenses and mitigating risk:

1. Enhance Phishing Training for AI-level deception
   Employees should recognize not just misspellings, but hyper-realistic phishing, voice calls, and video
 impersonations. Simulations should evolve to reflect current AI tactics.
2. Inventory, vet, and govern AI systems
   Know which AI platforms you use—especially third-party tools. Vet them for data protection, model integrity, and update protocols. Keep a detailed registry and check vendor security practices. Relying on a vendor’s SOC report simply may not be sufficient, particularly is not read carefully and in context.
3. Validate AI inputs and monitor outputs
   Check training data for poisoning. Test and stress AI models to spot vulnerabilities. Use filters and anomaly detection to flag suspicious inputs or outputs.
4. Use AI to defend against AI
   Deploy AI-driven defensive tools—like behavior-based detection, anomaly hunting, and automated response platforms—so you react in real time.
5. Adopt zero trust and multi-factor authentication (MFA)
   Require authentication for every access, limit internal privileges, and verify every step—even when actions appear internal.
6. Plan for AI-targeted incidents
   Update your incident response plan with scenarios like model poisoning, deepfake impersonation, or AI-driven malware. Include legal, communications, and other relevant stakeholders in your response teams.
7. Share intelligence and collaborate
   Tap into threat intelligence communities, “Information Sharing and Analysis Centers” or “ISACs”, to share and receive knowledge of emerging AI threats.

Organizations that can adapt to a rapidly changing threat landscape will be better position to defend against these emerging attack vectors and mitigate harm.

The government first announced plans for the new DUA Act in the King’s speech back in July 2024. The DUA Act introduces reforms to data protection and e-privacy laws and also includes a strong emphasis on wider data related policy initiatives, focussed on facilitating digital identities and securing access to ‘smart’ or ‘open’ data sets. 

The long awaited DUA Act proposes very limited changes to the UK data protection regime which are unlikely to have a material impact on day-to-day compliance for most businesses operating in the UK.

The specific areas of reform proposed include (see our previous Privacy Matters blog for more information on the changes) :

• Creating a statutory definition of scientific research to help clarify how the various provisions in the UK GDPR which refer to ‘research’ are intended to be applied.
• Introducing the concept of ‘recognised legitimate interests’ to provide a presumption of legitimacy to certain processing activities that a controller may wish to carry out under Article 6(1)(f) (legitimate interests).
• Removing the requirement to establish a qualifying lawful basis before conducting automated decision making (the requirement currently at Article 21(2) UK GDPR), except where special category data is used.  
• Granting the Secretary of State the authority to designate new special categories of personal data and additional processing activities that fall under the prohibition of processing special category data in Article 9(1) of the UK GDPR.
• Introducing reforms to the rules on cookie consent.
• Aligning the UK GDPR / DPA and PECR enforcement regimes.
• Introducing amendments that are designed to clarify the UK’s approach to the transfer of personal data internationally and the UK’s approach to conduct of adequacy assessments.
• Introducing reforms to the ICO, including a name change to an Information Commission, rather than a Commissioner, introducing a formal Board structure with an appointed CEO.

In the final stages of the DUA Act’s passage through Parliament, much of the debate focused on the House of Lords’ repeated proposed amendments to ensure transparency around data scraping and the use of text and data to train GPAI models. The proposed amendments required developers of AI models to publish information used in the pre-training, training, fine-tuning and retrieval-augmented generation of the AI model, and to provide an effective mechanism to allow copyright owners to identify all individual works that they own. However, the government argued that the DUA Act was not the correct place to deal with this difficult issue and the amendments were ultimately dropped.

What next?

The DUA Act now awaits royal assent but could potentially come into law before Parliament breaks for summer recess in July.

Although some key changes have been introduced, the majority of the DUA Act simply reflects established principles or guidance and introduces minor changes around the edges of existing governance requirements, without overhauling them completely. Some of the more innovative elements (around smart data access and use) are still unclear as we await the detail of secondary legislation.

Below is the twenty third weekly update on the status of proposed state privacy legislation in 2025. As always, the contents provided below are time-sensitive and subject to change.

Table of Contents

1. What’s New
2. AI Bills
3. Bill Tracker Chart

1. What’s New

The big news this week comes out of Vermont where Governor Phil Scott signed the Vermont Age-Appropriate Design Code Act (S.69) into law.

In other children’s privacy news, New York’s S.4505 (social media warning labels) passed the Senate on June 12. The New York Senate adjourned as scheduled on June 12. However, the Assembly reportedly extended its session to June 17.

Meanwhile, Louisiana’s legislature passed HB 570 (app stores). This is the third legislature – following Utah and Texas – to pass an app store bill this year.

Turning to consumer data privacy bills, Michigan’s bill (SB 359) was voted out of committee on June 12 and referred to the Senate floor.

Finally, last week we reported that the Nevada legislature passed SB 63 (children’s privacy). However, it appears that there was a late amendment in the Assembly and the bill was unable to repass the Senate prior to the legislature closing.

2. AI Bills

Our latest edition of Byte Back AI is now available to subscribers. Subscriptions start as low as $50/month. In this edition, we provide:

• Updates on new laws in Nevada and Maine, bills passing the legislatures in New York and Oregon, and bills crossing chambers in Rhode Island and New York.
• A summary of the work session for Oregon’s HB 3592 (AI commission and Chief AI Officer).
• Our special feature this week – a summary of Nebraska’s LB 77 (Ensuring Transparency in Prior Authorization Act).
• Our “three things to know this week.”
• An updated state AI bill tracker chart.

Click here for more information on paid subscriptions.

3. Bill Tracker Chart

For more information on all of the privacy bills introduced to date, including links to the bills, bill status, last action, and hearing dates, please see our bill tracker chart.

State Legislation

Montana SB 163

On May 1, the Montana governor signed SB 163 to amend the state’s Genetic Information Privacy Act (“MT GIPA”), which was originally enacted in 2023.  Effective October 1, 2025, there will be several changes to the law, including:

• Creating Deidentification Exemption: The original version of MT GIPA did not contain an express exemption for deidentified data.  SB 163 amends the law to include an express exemption for the use of deidentified genetic data for certain research purposes.  Specifically, SB 163 includes an exemption for “deidentified genetic data obtained from a third party to the extent that the data is used to conduct internal, medical, or scientific research.”  The deidentification standard is similar to the standard adopted under many comprehensive state privacy laws and other state DTC genetic privacy laws.
• Waiver of Certain Rights in the Clinical Trial Context: The law provides that consumers’ rights to access and delete data, destroy samples, and revoke consent must be waived in a limited context related to the collection of genetic data as part of a clinical trial if certain conditions are met, including prescriptive requirements for consent.  Specifically:
  • The relevant entity generally must obtain express and informed written consent for participation in a clinical research trial, including the collection and use of any genetic data, which must, among others, be in accordance with the good clinical practice (“GCP”) guideline issued by the international council for harmonisation of technical requirements for pharmaceuticals for home use and include the entity’s biological sample and data retention, sharing, and use policies.
  • The biological sample and genetic data must be utilized for clinical research purposes only.

SB 163 states that these requirements are meant to “supersede all exceptions to, and waivers of” informed consent pursuant to the federal Common Rule.  However, it is not clear how this new limited exemption is meant to interact with the existing exemption for entities that are engaged in collecting, using, or analyzing genetic data or biological samples in the context of scientific or clinical research with express consent of the individual and in accordance with human subject research frameworks, including GCP, the federal Common Rule, or FDA’s human subjects research regulations at 21 C.F.R. parts 50 and 56.

• Neural Data: The obligations under the law will now also apply to “neurotechnology data” defined as “information that is captured by neurotechnologies, is generated by measuring the activity of an individual’s central or peripheral nervous systems, or is data associated with neural activity, which means the activity of neurons or glial cells in the central or peripheral nervous system, and that is not nonneural information.”  Montana becomes the third state to enact a privacy law that specifically protects neural data.  

Texas HB 130

On May 23, the Texas legislature passed HB 130 (the “Texas Genomic Act of 2025”), which seeks to protect genetic information of Texas residents by regulating the collection, storage, and use of genome sequencing data.  The bill is focused on ensuring that “foreign adversaries” (as defined in 15 C.F.R. § 791.4(a) and includes China, Cuba, Iran, North Korea, Russia, and Venezuela) are unable to access the genetic information of Texas residents.  Notably, the definitions of “foreign adversaries” aligns with the countries that are identified as “countries of concern” in the U.S. Department of Justice’s recently finalized Data Security Program (“DOJ DSP”), which focuses on access to bulk U.S. sensitive personal data (including human genomic data) by these countries and certain “covered persons.”  

The bill would go into effect on September 1, 2025. Key provisions are summarized below:

• Broad Applicability: The bill would apply to a “medical facility, research facility, company, or nonprofit organization that conducts research on or testing of genome sequencing or the human genome” in Texas.
• Storage and Access to Genome Sequencing Data: The bill would impose obligations on regulated entities with respect to their storage of genome sequencing data of Texas residents within the borders of a foreign adversary, including access to such data within the borders of a foreign adversary.  Notably, these requirements do not apply to the storage of genome sequencing data by the regulated entities that is collected as part of a clinical trial or biomedical research study subject to, or conducted in accordance with, the DOJ DSP.  The bill also contains substantive provisions related to the use of genomic sequencing equipment or software produced by or on behalf of a foreign adversary or certain related parties.
• Sale or Transfer of Genomic Sequencing Data: The bill would prohibit the sale or transfer of genomic sequencing data of Texas residents as part of a bankruptcy proceeding to a foreign adversary, state-owned enterprise of a foreign adversary, or a company domiciled in a country that is a foreign adversary or its subsidiary or affiliate. 
• Annual Certification: By December 31 of each year, each regulated entity must certify its compliance with the Texas Genomic Act of 2025 to the Texas Attorney General.
• Private Right of Action and AG Enforcement: Texas residents can seek recovery for alleged violations, including actual damages or statutory damages up to $5,000 per violation.  The Attorney General can also seek up to $10,000 for each violation. 

Florida SB 768

Notably, the Florida governor recently signed a bill, SB 786, which is similar to certain provisions of the Texas Genomic Act of 2025, but is generally narrower in scope.  Specifically, the bill amends the provisions of Florida law that apply to the licensing of laboratories to require that the laboratory not use any operational or research software for genetic sequencing that is produced by a “foreign country of concern.”  “Foreign country of concern” aligns to “foreign adversaries” under the Texas Genomic Act of 2025, though also includes Syria. 

Federal Legislation

On May 22, 2025, a bipartisan group of Senators introduced the “Don’t Sell My DNA Act” which would amend the federal Bankruptcy Code, including to impose a notice and affirmative consumer consent requirement before genetic information is used, sold, or leased in a bankruptcy proceeding.

This is the second genetic privacy bill introduced during this Congress, with Senators Cassidy (R-LA) and Peters (D-MI) having introduced the Genomic Data Protection Act (“GDPA”) earlier this session in March, which specifically focuses on the privacy practices of DTC genomic testing companies.  Shortly after being introduced, the GDPA was referred to committee and has not advanced further.  We covered the GDPA in a prior Inside Privacy post, available here.

Sarah Stalnecker is the Global Privacy Director at New Balance Athletics, Inc., where she leads the integration of privacy principles across the organization, driving awareness and compliance through education, streamlined processes, and technology solutions.

 

body.single-post p, body.single-post li{131313;} body.single-post li a{E33E2B; font-weight: 400 !important;} .center-block{margin:0 auto;float:none;display:block;clear: both; margin-bottom: 0px;text-align: center;} .podwrap {margin-top:20px; }.podwrap img{margin-right:10px; width:98%; margin: 0px; } .podwrap.last{margin-bottom:12px; margin-top: 0px !important;}.podwrap.pod1{margin-bottom:0px;} .podwrap div{display:inline-block; width:21%;} iframe{text-align: center;display: block; margin: 20 auto; float : none;} .iframe-container{ position: relative;width: 100%;padding-bottom: 56.25%; height: 0;}.iframe-container iframe{position: absolute;top:0;left: 0;width: 100%;height: 100%;}
@media screen and (max-width: 640px){ .podwrap { width: 100%; position: relative; display: inline-block!important;}.podwrap div{width:36%;}.podwrap img{margin-bottom: 0px !important;} }

Here’s a glimpse of what you’ll learn:

• Sarah Stalnecker’s 20-year career journey from digital marketing to Global Privacy Director at New Balance
• How to build privacy programs that balance business needs with regulatory compliance
• Tips for using consumer personalization expectations to guide privacy conversations
• Why privacy teams are naturally positioned to lead AI governance and mitigate AI risks
• Methods to embed privacy requirements into company workflows
• How to evaluate and select privacy technology tools
• Tips for measuring privacy program success beyond traditional metrics

In this episode...

Operationalizing privacy programs starts with translating legal requirements into actions that work across teams. This means aligning privacy with existing tools and workflows while meeting evolving privacy regulations and adapting to new technologies. Today’s consumers also demand both personalization and privacy, and building trust means fulfilling these expectations without crossing the line. So, how can companies build a privacy program that meets regulatory requirements, integrates into daily operations, and earns consumer trust?

Embedding privacy into business operations involves more than just meeting regulatory requirements. It requires cultural change, leadership buy-in, and teamwork. Rather than forcing company teams to adapt to new privacy processes, organizations need to embed privacy requirements into existing workflows and systems that departments already use. Leading with consumer expectations instead of legal mandates helps shift mindsets and encourages collaborative dialogue about responsible data use. Documenting AI use cases and establishing an AI governance program also helps assess risks without reactive scrambling. Teams should also leverage privacy technology to scale processes and streamline compliance to ensure privacy becomes an embedded, organization-wide function rather than a siloed concern.

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Sarah Stalnecker, Global Privacy Director at New Balance Athletics, about operationalizing privacy programs. Sarah shares how her team approaches data collection, embeds privacy into existing workflows, and uses consumer expectations to drive internal engagement. She also highlights the importance of documenting AI use cases and establishing AI governance to assess risk. Sarah provides tips on selecting and evaluating privacy technology and how to measure privacy program success beyond traditional metrics.

Resources Mentioned in this episode

• Jodi Daniels on LinkedIn
• Justin Daniels on LinkedIn
• Red Clover Advisors’ website
• Red Clover Advisors on LinkedIn
• Red Clover Advisors on Facebook
• Red Clover Advisors’ email: info@redcloveradvisors.com
• Data Reimagined: Building Trust One Byte at a Time by Jodi and Justin Daniels
• Sarah Stalnecker on LinkedIn
• New Balance

Sponsor for this episode...

This episode is brought to you by Red Clover Advisors.

Red Clover Advisors uses data privacy to transform the way that companies do business together and create a future where there is greater trust between companies and consumers.

Founded by Jodi Daniels, Red Clover Advisors helps companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. They work with companies in a variety of fields, including technology, e-commerce, professional services, and digital media.

To learn more, and to check out their Wall Street Journal best-selling book, Data Reimagined: Building Trust One Byte At a Time, visit www.redcloveradvisors.com.

@media screen and (max-width: 1023px){section[data-id=”block_a90991ffb9b62e2105117a77adedbfcf”]{ margin-top: -100px; margin-bottom: -50px;}}@media screen and (min-width: 1024px) and (max-width: 1365px){section[data-id=”block_a90991ffb9b62e2105117a77adedbfcf”]{ margin-top: -100px; margin-bottom: -50px;}}@media screen and (min-width: 1366px){section[data-id=”block_a90991ffb9b62e2105117a77adedbfcf”]{ margin-top: -100px; margin-bottom: -50px;}}

(function($){
$(‘[data-id=”block_a90991ffb9b62e2105117a77adedbfcf”]’).find( ‘.accordion-title’ ).on(‘click’, function(e) {
e.preventDefault();
$(this).toggleClass(‘active’);
$(this).next().slideToggle(‘fast’);
});
})(jQuery);

@media screen and (max-width: 1023px){section[data-id=”block_1d18ca1eab812f4116b726b97f95eb4f”]{ }}@media screen and (min-width: 1024px) and (max-width: 1365px){section[data-id=”block_1d18ca1eab812f4116b726b97f95eb4f”]{ }}@media screen and (min-width: 1366px){section[data-id=”block_1d18ca1eab812f4116b726b97f95eb4f”]{ }}

The post Operationalizing Privacy Across Teams, Tools, and Tech appeared first on Red Clover Advisors.

Our previous posts examined Ferguson’s broad regulatory philosophy of “staying in our lane” and his priority enforcement areas in children’s privacy and location data. This post explores Ferguson’s approach to emerging privacy issues that don’t fit neatly into established legal frameworks.

Skepticism of “Sensitive Categories” Designation

Ferguson has expressed significant skepticism about the FTC designating certain categories of data as inherently “sensitive” without clear statutory basis. In his September 2024 statement on the Social Media and Video Streaming Services Report, Ferguson criticized this approach:

“I am skeptical that this is the kind of injury the law should try to address… I doubt it could. Any such line would tend toward arbitrariness and is not a stable system on which to decide whether advertisements are illegal.”

Ferguson’s critique reflects his broader concern that creating subjective lists of “sensitive” data categories raises several problems:

1. Arbitrary line-drawing – Determining which categories qualify as “sensitive” is inherently subjective and potentially politicized.
2. Lack of statutory basis – Section 5 does not provide clear guidance on which categories of data should receive special protection.
3. Inconsistent application – When regulators decide which categories deserve protection, the resulting lists may reflect the decision-makers’ preferences rather than objective criteria.

Ferguson’s December 2024 concurrence in the Mobilewalla case provides the clearest view of his position on sensitive data categorization, where he wrote: “The FTC Act does not limit how someone who lawfully acquired those data might choose to analyze those data, or the conclusions that one might draw from them.” This reveals a fundamental distinction in his approach: While he believes the initial collection of sensitive data without consent may violate Section 5, he is skeptical that the FTC can regulate how lawfully obtained data is subsequently categorized or analyzed.

Ferguson’s analogy to private investigators is particularly telling: Just as investigators may legally observe someone entering a church and conclude they practice that religion, Ferguson believes that drawing conclusions from lawfully collected data is not, in itself, a Section 5 violation.

Surveillance Pricing: Fact-Finding Over Speculation

Ferguson has demonstrated a measured approach to emerging data practices like surveillance pricing — the use of consumer data to set personalized prices. In July 2024, he supported the FTC’s 6(b) study into these practices, explaining:

“One of the most important duties with which Congress has entrusted us is studying markets and industries and reporting to the public and Congress what we learn… These studies may inform future Commission enforcement actions, but they need not.”

His statement emphasized the importance of thorough fact-finding before developing policy positions, noting:

“Congress and the American people should be made aware of whether and how consumers’ private data may be used to affect their pocketbooks.”

However, in January 2025, Ferguson joined Commissioner Melissa Holyoak in dissenting from the release of preliminary “research summaries” on surveillance pricing. His dissent criticized the rushed release of early findings:

“Issuing these research summaries degrades the Commission’s Section 6(b) process. The Commission should not be releasing staff’s early impressions that ‘can be outdated with new information’ because the fact gathering process on the very issues being presented to the public is still underway.”

This suggests a commitment by Ferguson to thorough investigation of privacy issues before regulation, particularly with emerging practices that implicate consumer data.

Balancing Evidence and Action

Ferguson’s approach to both sensitive data categories and surveillance pricing illustrates his broader privacy philosophy:

1. Demand robust evidence – Before taking regulatory action on privacy practices, Ferguson wants complete factual records that demonstrate actual harm.
2. Favor established laws over novel theories – His skepticism of “sensitive categories” shows preference for established legal frameworks rather than expanding statutory interpretations.
3. Emphasize procedural integrity – His objection to preliminary research summaries reveals concern with fair, thorough processes before reaching conclusions about data practices.

Ferguson appears to maintain a genuine openness to evidence that might show consumer benefits from practices such as data categorization or personalized pricing. His insistence on completing thorough market studies reflects not just procedural formalism but a substantive commitment to evidence-based regulation that considers both potential harms and benefits.

What This Means for Businesses

Based on Ferguson’s positions, here are some considerations for businesses:

For Data Categorization:

• Focus on consent mechanisms for data collection rather than worrying about how lawfully collected data is analyzed.
• Document legitimate business purposes for data analysis.
• Keep watch for potential future legislation that might specifically designate certain data categories for special protection.
• Distinguish clearly between initial data collection practices (which face greater scrutiny) and subsequent analysis of lawfully collected data (which faces less scrutiny).

For Surveillance Pricing and Similar Practices:

• Expect continued scrutiny of personalized pricing practices, but through careful study rather than immediate regulation.
• Maintain transparency about how customer data influences pricing.
• Document how pricing algorithms use personal data.
• Consider implementing clear opt-out mechanisms for data-based pricing.
• Document instances where personalized pricing benefits consumers through lower prices or increased access, as Ferguson’s evidence-based approach may be receptive to such benefits.

Evolution Rather Than Revolution

Ferguson’s approach suggests the FTC under his leadership will maintain strong privacy enforcement but with a focus on clear statutory violations rather than expanding interpretations of unfairness. For data categorization and surveillance pricing, this means:

1. Continued fact-finding – The commission will likely invest in thorough market studies before developing policy positions.
2. Focus on deception over unfairness – Companies making false or misleading claims about data practices will face scrutiny, while novel “unfairness” theories will receive more skepticism.
3. Emphasis on consent and transparency – Proper notice, consent, and transparency will remain central to the FTC’s privacy enforcement.

This approach represents evolution rather than revolution in the commission’s privacy work, with a measured path that balances consumer protection with business certainty and technological innovation.

• Was the data trained on minorities?
• How long will the retailer retained data that wasn’t matched?
• Data minimization techniques (including when to share among stores and when to add to a watchlist).
• How accurate should the match be to trigger consideration (92.5%)?

According to a June 7 article in India Today, KiranaPro suffered a massive data wipe affecting critical business information and customer data. The company’s CEO believes the incident was likely the result of a disgruntled former employee, though he has not ruled out the possibility of an external hack, according to reporting. TechCrunch explained:

The company confirmed it did not remove the employee’s access to its data and GitHub account following his departure. “Employee offboarding was not being handled properly because there was no full-time HR,” KiranaPro’s chief technology officer, Saurav Kumar, confirmed to TechCrunch.

Unfortunately, this is not a uniquely Indian problem. Globally, organizations invest heavily in technical safeguards—firewalls, multi-factor authentication, encryption, endpoint detection, and more. These tools are essential, but not sufficient.

The Silent Risk of Inactive Accounts

One of the most common (and preventable) vectors for insider incidents or credential abuse is failure to promptly deactivate system access when an employee departs. Whether termination is amicable or not, if a former employee retains credentials to email, cloud storage, or enterprise software, the organization is vulnerable. These accounts may be exploited intentionally (as suspected in the KiranaPro case) or unintentionally if credentials are stolen or phished later.

Some organizations assume their IT department is handling these terminations automatically. Others rely on inconsistent handoffs between HR, legal, and IT teams. Either way, failure to follow a formal offboarding checklist—and verify deactivation—may be a systemic weakness, not a fluke.

It’s Not Just About Tech—It’s About Governance

This breach illustrates the point that information security is as much about governance and process as it is about technology. Managing who has access to what systems, when, and why is a core component of security frameworks such as NIST, ISO 27001, and the CIS Controls. In fact, user access management—including timely revocation of access upon employee separation—is a foundational expectation in every major cybersecurity risk assessment.

Organizations should implement the following best practices:

1. Establish a formal offboarding procedure. Involve HR, IT, and Legal to ensure immediate deactivation of all accounts upon separation.
2. Automate user provisioning and deprovisioning where possible, using identity and access management (IAM) tools.
3. Maintain a system of record for all access rights. Periodically audit active accounts and reconcile them against current employees and vendors.
4. Train supervisors and HR personnel to notify IT or security teams immediately upon termination or resignation. There also may be cases where monitoring an employee’s system activity in anticipation of termination may be prudent.

The Takeaway

Wherever your company does business and regardless of industry, the fundamentals are the same: a lapse in basic access control can cause as much damage as a ransomware attack. The KiranaPro incident is a timely cautionary tale. Organizations must view cybersecurity not only as a technical discipline but as an enterprise-wide responsibility.

Background

IAB Europe is a non-profit association that represents the digital advertising and marketing sector at the European level. It developed the TCF to standardize the way online publishers, advertisers, and other participants in the ad-tech ecosystem collect user consent for data processing in accordance with the GDPR.

The TCF is widely applied in the context of a real-time auctioning system used to acquire advertising space for the display of targeted advertisements online. A key component of the TCF is the TC String.

The TC String is a combination of letters and characters which encodes and records user preferences through consent management platforms (“CMPs”) when users visit a website or app. The TC String is then shared with ad platforms and other participants of the ad-tech ecosystem; the CMP also places a specific cookie on the user device. When combined, the TC String and this cookie can be linked to the user’s IP address.

In February 2022, the Belgian DPA decided that:

• the TC String constitutes personal data under Art. 4(1) GDPR,
• IAB Europe qualifies as a controller under Art. 4(7) GDPR, and
• the TCF, as implemented, did not meet certain GDPR requirements (for details see our previous blogpost).

IAB Europe appealed the decision, and in the course of proceedings, the Brussels Court of Appeal referred several key legal questions to the CJEU. In March 2024, the CJEU confirmed that:

• the TC String may constitute personal data under Art. 4(1) GDPR if it can be combined with other data to identify a user.
• IAB Europe can, under certain circumstances, be considered a controller under Art. 4(7) GDPR.
• IAB Europe is not automatically a controller for further processing activities by third parties if it does not determine the purposes or means of those processing activities (for details see our previous blogpost).

Findings of the Brussels Court of Appeal

The Brussels Court of Appeal partially annulled the Belgian DPA’s original €250,000 fine against IAB Europe —but solely on procedural grounds. Substantively, the Court confirmed the Belgian DPA’s main findings.

The key rulings include:

• Personal Data Classification: in line with the CJEU, the Court confirmed that the TC String qualifies as personal data when combined with additional identifying information such as the user’s IP address.
  
• Controller Status: the Court agreed that IAB Europe acts as a (joint) controller within the meaning of Art. 26 GDPR for processing operations within the TCF. However, IAB Europe was found not to be a controller for processing activities conducted solely within the OpenRTB protocol framework, over which it has no control.
  
• GDPR Violations Identified:
  • IAB Europe failed to establish a valid legal basis under Art. 6(1) GDPR for processing personal data via the TC String. In particular, legitimate interest under Art. 6(1)(f) GDPR could not be relied upon, as the necessity of the processing was not demonstrated.
  • Lack of Transparency: the framework failed to provide users with clear and accessible information, in violation of Art. 12–14 GDPR.
  • No Data Protection Impact Assessment (“DPIA”): a DPIA required under Art. 35 GDPR was not conducted.
  • Additional Violations: the Court found further infringements of Art. 5(1)(f), 25, 32, and 37 GDPR, concerning data security, privacy by design, and data protection officer obligations.

Conclusion

At first glance, the judgement provides important guidance on the compliance of IAB Europe when implementing the TCF.

However, it remains to be seen what the consequence of the judgement will be. It is worth noting that the judgment applies specifically to TCF versions 1.0 and 2.0. The currently deployed version – TCF 2.2 – was not subject to review in this case. Whether future implementations of the TCF will satisfy GDPR requirements remains an open question and may be subject to future regulatory scrutiny. Many of the points criticized have already been rectified in the version 2.2 of the TCF. The remaining uncertainty concerns the fact of whether and under which circumstances IAB Europe can qualify as a (joint) controller in relation to the TC String in its current version. This largely depends on whether IAB Europe has real decision-making power over the purposes and means of processing.

Moreover, the question of whether an individual company is in breach of GDPR when using the TCF remains a matter for national data protection authorities to decide on a case-by-case basis.

Background

In this case, persons who violated certain applicable rules for parking in a designated area (e.g., did not display a badge indicating their right to park), set out in a property rental agreement, faced collection actions for alleged parking violations from a third-party debt collection company.  However, the rental agreement made no mention of such enforcement of the rules or any requirement to display a parking permit.  Despite this, the debt collection agency processed the renter’s personal data to pursue contested parking fines.

Upon review, the Data Protection Ombudsman determined that the absence of any contractual provision pertaining to the enforcement of the parking rules in the rental agreement meant there was no lawful basis for processing the renter’s personal data for enforcement purposes.  In this case, the third-party debt collection company may not rely on Article 6(1)(b) of the GDPR (“processing [that] is necessary for the performance of a contract to which the data subject is party”).  From a contract law perspective, the agreement between the party renting out the parking spaces and the third-party debt collection company did not bind individual renters, as the terms were not referenced in the latter’s rental agreement.

Why Service Descriptions Matter in Contracts

While the General Data Protection Regulation (GDPR) requires a lawful basis for personal data processing, EU consumer law—specifically the Consumer Rights Directive (CRD) and the Unfair Commercial Practices Directive (UCPD)—requires that consumers receive clear, comprehensive information about the characteristics of products and services before entering into a contract.  This includes details on enforcement mechanisms, such as fines or collection actions, if they are part of the service.

• The CRD (Directive 2011/83/EU) obliges traders to inform consumers about the main characteristics of services and any conditions for enforcement or termination before the contract is concluded.
• The UCPD (Directive 2005/29/EC) prohibits misleading omissions, ensuring consumers are not left in the dark about key contract features.

If enforcement mechanisms are not clearly described and agreed upon, not only may the consumer’s right to information be infringed, but any data processing for enforcement purposes may lack a lawful basis under the GDPR.

Implications for Service Providers

For service providers, the key takeaways are:

• Review and update contract templates to ensure that all enforcement mechanisms and data processing purposes for fulfilling and enforcing the contract are clearly described.
• Before processing personal data with the intention of enforcing contractual terms that have been breached or other purposes, verify that the contract with the consumer expressly covers these activities.

*              *              *

Covington & Burling continues to monitor and advise companies on navigating EU data protection law and its intersection with EU consumer protection law.  Please do reach out if you need assistance in these areas.

(This blog post was written with the contribution of Alberto Vogel.)

The potential applications of quantum computing are wide-ranging and industry-agnostic. For instance, they could be used to enhance the analysis of large, complex data sets, optimize supply-chain processes, and enhance artificial intelligence (“AI”) technologies and improve machine learning algorithms.

Given the potential applications, quantum computing could have a significant impact on companies in the life sciences sector, and more specifically could be used to improve:

1. Drug discovery

Classical computational methods play a crucial role in the drug discovery and design process by providing tools and techniques to model, predict and analyze the behavior of chemical systems. Quantum computing technologies have the potential to offer a more powerful, accurate and efficient alternative to classical computers, and can simulate more intricate chemical structures and interactions, leading to more optimized drug design.

Quantum computing can also be used as a complementary technology in conjunction with AI, which is already being used for drug discovery, thus exponentially increasing the accuracy and speed of the drug discovery process and potentially reducing the associated costs.

2. Clinical development

Quantum computers are far superior to classical computers when handling problems with multiple variables and complex datasets and it is exactly these capabilities that can be leveraged in clinical development phases.  For example, quantum computing can be used to optimize the design of clinical trials; to enhance the data analysis and modelling process post-clinical trial by quickly detecting complex patterns and correlations; to monitor and adapt clinical trials in real-time, allowing for dynamic adjustments to protocols to maximize individual patient outcomes and address emerging safety concerns.

Quantum computers can be used in conjunction with AI, specifically machine learning, to analyze genetic and biomolecular data in order to better predict individual responses to specific treatments and create optimal treatment plans tailored to the genetic makeup and health condition a specific patient.

3. Diagnostics

Quantum computing technologies have the potential to enhance patient diagnosis and personalized care. Not only can quantum computing improve image reconstruction and quality, but it also has the potential to aid faster, more accurate and more precise image analysis and interpretation by considering multiple data points at the same time, when compared to classical computing methods.

In additions, quantum sensing is an emerging technology that uses quantum technology principles to detect or ‘sense’ changes in physical qualities such as temperature, motion, light and chemical composition. The high sensitivity and resolution of this technology offers the possibility of more efficient and accurate medical diagnosis, and it is likely we will see more of quantum sensing not just in classical medical diagnostic imaging settings, but also in wearables and health monitors. 

For life sciences companies operating in the medical imaging field, quantum computing offers a real and unprecedented opportunity to tackle complex diagnostic challenges.  For patients, the exploitation of quantum technologies could dramatically improve disease diagnosis and prognosis.

4. Therapy

Quantum computers have the potential to vastly advance the field of personalized medicine.  The exponential power of a quantum computer, compared to a classical computer, can be utilized to more efficiently and accurately calculate dosing regimens, improve treatment plans, and predict and improve individual patient outcomes.

5. Manufacturing and supply chain processes

Quantum computing technologies have the potential to optimize both the manufacturing and distribution of products. Quantum computing’s near real-time data processing capabilities can be used for more effective inventory management, demand forecasting and route planning, leading to a more robust supply chain particularly in the context of the pharmaceutical cold chain.

6. Generation of Synthetic Data

As the world becomes increasingly driven by data, the most valuable resource of the future will likely be data itself.  One potential issue is that there will not be enough credible, high-quality data to meet demand. Quantum computing has the power to generate higher-quality, more accurate synthetic data that simulates real-world data, thereby working towards alleviating the data scarcity issue. 

Quantum computing and emerging quantum technologies have the potential to reduce the costs associated with research and development, and thus has the potential to open up research in rare, complex, and underfunded disease areas. However, the benefits of quantum computing are not without risk. Most significantly for the life sciences sector, there is a concern that in the future, quantum technologies may have the ability to solve the complex mathematical problems that underpin currently used cryptography methods, posing a threat to personal and sensitive patient data.

It remains to be seen how and when the field of quantum computing will develop, and how its potential impacts will be seen and felt. Quantum computing is still in the early stages of development and government policy, investment and regulation will likely play a crucial role in the growth of this technology in the EU, UK, U.S. and beyond.

Covington is monitoring developments globally in this fast-growing area.

Visit Covington’s Quantum Computing web page for additional updates.  Please reach out to a member of the team with any inquiries.

One that’s especially popular, though, is “build the plane while flying it.” 

This phrase evokes agility, responsiveness, and innovation—even if it doesn’t speak to a totally-thought-through roadmap. But the fact is, in plenty of contexts—iterative product launches, new market expansions—it’s not a bad approach. Sometimes you have to get off the ground before adjusting midair.

But when it comes to employee privacy? You need the plane fully built before takeoff.

Otherwise, you’re not just looking at some harmless turbulence. You’re facing regulatory headwinds, damaged employee trust, potential lawsuits, and a lot of metaphorical oxygen masks dropping from the ceiling.

Why employee privacy matters more now than ever

How companies collect, store, and manage employee data has changed—and so have the expectations around how that information should be handled.

Today, employee information lives across cloud-based HR platforms, payroll systems, benefits portals, third-party vendors, collaboration apps, and AI-driven business tools. At the same time, remote work has made employee data more vulnerable.

Employees are also paying closer attention. They want to know how their personal information is used, who has access to it, and what rights they have to control it.

Regulators have responded to this shift. Laws like the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) establish enforceable rights for employees over their data. Under these frameworks, companies are required to:

• Disclose what they collect and why—before collecting it
• Provide employees access to their data, and allow them to correct, delete, or limit its use
• Enforce data minimization and retention policies
• Monitor third-party vendors that process employee information

These regulations are broad in scope. GDPR, for example, applies to organizations that are processing data on those in the EU, even if the company itself is based in the US. (This goes for the California Consumer Privacy Act (CCPA) too—a global company based outside of California, for example, would be in scope for the law if it has employees in the state.) Remote work makes jurisdictional boundaries even harder to manage, adding risk for businesses that apply inconsistent standards across locations.

Just as employee privacy is spread across numerous systems, risk is spread across multiple spheres: regulatory, brand credibility, and talent retention. 

What a good employee privacy notice does

At its core, a strong employee privacy notice accomplishes three things:

1. First, it keeps you compliant with CCPA and GDPR.     
2. Second, it explains what data is collected, used, stored, and shared, as well as the various privacy rights of the employees. 
3. Finally, it makes your privacy posture visible to said employees, so they don’t have to wonder how their data is handled.  

But what goes into a “good” employee privacy notice? This will depend on your organization’s needs, but at minimum, your notice should answer:

• What personal data do you collect?
• Why are you collecting it?
• Who can access it?
• How long will you keep it?
• What rights do employees have regarding accessing, correcting, or deleting their information?

But the best notices go beyond listing facts. They show real thinking about how employee data moves through your systems—and how your company upholds employee rights in practice.

For example:

• If you use productivity monitoring software, the notice should spell out precisely what’s tracked—keystrokes, browsing history, login times—and who can see that information. It should also explain how the data is protected, when it’s deleted, and, if required, how employees’ written consent is obtained before monitoring begins.

• If you collect health information for benefits programs, employees should know if that information stays internal, is shared with vendors, or is segregated from other HR files.
• And if employees have the right to request data access, correction, or deletion (as they do under CCPA and GDPR), the notice must explain the process clearly, without legalese.

Bridging the gap between policy and practice

Most companies have gaps between their employee privacy notice and their daily practices. The key is to identify where those breakdowns occur and address them systematically.

Here are some of the most common problems businesses are facing—and practical steps to close the gaps:

Problem: employee data sprawl with no real oversight

Employee data doesn’t live in one clean database. But without a unified view, it’s almost impossible to protect employee data or respond promptly (and correctly) to a rights request.

How to fix it: Conduct a complete employee data inventory across all departments and vendors. Map what you collect, where it’s stored, how it’s used, who has access, and how long it’s retained. 

Start simple: spreadsheets are fine. For closer management, label sensitive fields like Social Security numbers, bank information, or health records. Update your inventory quarterly or anytime a new system goes live or anytime new data is collected or used in a different manner. 

Problem: over-collecting information without a clear purpose

Organizations often default to “gather it all” thinking, such as those extra fields on onboarding forms, surveys, and benefits enrollment portals that don’t have an immediate critical necessity. 

However, the more data you collect, the more regulatory and security exposure you create.

How to fix it: Audit every point where employee data is collected. If you can’t point to a legal requirement or a documented business purpose for a field, eliminate it. Focus especially on sensitive categories where laws may impose stricter standards. 

Moving forward, incorporate data minimization reviews into annual HR processes.

Problem: shadow IT and unsanctioned tools

When teams adopt business tools without going through a privacy review, employee information can end up in unsecured environments. This makes it impossible to enforce retention, access, or deletion rights.

How to fix it: Formalize a lightweight software approval workflow. Require teams to submit a quick intake form describing any new tool that touches employee data. Privacy and IT teams can review access controls, vendor practices, and data sharing settings before approval. 

Make sure employee training programs—especially those related to AI usage—explain why entering sensitive data into tools like chatbots is risky.

Problem: no real system for handling employee rights requests

Under laws like the CCPA and GDPR, employees have the legal right to access, correct, or delete their personal data. That means your company needs a defined way to intake, verify, and respond to those requests—whether you get five a year or fifty.

Manual processes aren’t necessarily non-compliant. But they can create delays, confusion, or missed steps—especially if requests span multiple systems, involve sensitive data, or require input from more than one team.

How to fix it: Establish a clear workflow for handling employee rights requests. Assign responsibility for verifying identity, coordinating across departments, and tracking deadlines. If requests are rare, this might be a well-documented manual process. If volume or complexity increases, consider adding software to log activity, route requests, and maintain an audit trail.

Let’s get your employee privacy notice off the ground.

At Red Clover Advisors, we help businesses turn privacy from a compliance headache into a real operational advantage. Whether you need a clear employee privacy notice, a working data inventory, a rights request process, or all of the above, we’ll help you make privacy something you can be proud of, not something you scramble to fix later.

@media screen and (max-width: 1023px){section[data-id=”block_b40b45cd0e824aa385725dd450be5cc0″]{ margin-top: 0px; }}@media screen and (min-width: 1024px) and (max-width: 1365px){section[data-id=”block_b40b45cd0e824aa385725dd450be5cc0″]{ margin-top: -50px; }}@media screen and (min-width: 1366px){section[data-id=”block_b40b45cd0e824aa385725dd450be5cc0″]{ margin-top: -50px; }}

The post Employee Privacy Notice: Why Your Business Can’t Afford to Wing It   appeared first on Red Clover Advisors.

Last year, we wrote about updates from the Department of Justice (DOJ) and the DOJ’s proposed enforcement efforts and regulations implementing Executive Order 14117 “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Data by Countries of Concern” (Rule).

A year later, the DOJ has finalized the Rule and developed guidance on what companies handling (i) bulk U.S. sensitive personal data or (ii) U.S. Government-related data must know, especially when interacting with persons and entities in ”Countries of Concern,” which currently include:

• China (includes Hong Kong and Macau)
• Cuba
• Iran
• North Korea
• Russia
• Venezuela

In April of this year, the DOJ’s National Security Division (NSD) issued its Data Security Program and corresponding Compliance Guide (DSP) and Frequently Asked Questions (FAQs) providing information that all U.S. entities must understand and follow to comply with the Rule. The NSD’s stated primary mission with respect to the implementation and enforcement of the DSP is to protect U.S. national security from Countries of Concern that may seek to collect and weaponize both government data and Americans’ most sensitive personal data.

As we have written previously, the DSP will require U.S. organizations to look deeply into their data collection and data sharing practices to determine whether they are (i) providing covered data to a Country of Concern and (ii) subject to the DSP’s requirements.

All U.S. organizations handling government-related data and bulk U.S. sensitive personal data must make good-faith efforts to comply with the DSP by July 8, 2025.

Specifically between now and then, those organizations need to consider quickly doing the following:

• Assess Applicability. U.S. organizations first need to understand if they process and share either “government-related data” or “bulk transfers of sensitive personal information as part of “covered transactions” with “covered persons” in Countries of Concern
  
• Evaluate Compliance Status and Address Any Gaps. Assuming the law applies to a U.S. organization’s data processing operations, the organization should conduct necessary diligence and take steps to comply. The DOJ has stated while the Rule is currently in effect, it will commence enforcement on July 8, 2025.

To assist in this endeavor, the following is a general overview of what U.S. organizations should understand and be working on as the applicable compliance deadlines approach. As with all Taft PDS posts, this is not intended to be an exhaustive summary or legal advice. Businesses considering compliance should consult qualified legal counsel. 

Part 1: The Basics

A. What is the DSP’s Purpose? In line with the DSP’s stated purposes to protect the data of the United States and its citizens, the DSP establishes export controls that prevent foreign adversaries in Countries of Concern, and those subject to their control and direction, from accessing U.S. Government-related data and bulk U.S. sensitive personal data.

B. What is “U.S. Government-Related Data” and “Bulk U.S. Sensitive Personal Data?”

1. U.S. Government-Related Data. There are two types of government-related data.
   • The first type is any precise geolocation data, regardless of volume, for any location within any area enumerated on the Government-Related Location Data List. Examples of such locations include: (i) worksite or duty station of Federal Government employees or contractors who occupy a national security position; (ii) a military installation; or (iii) facilities or locations that otherwise support the Federal Government’s national security, defense, intelligence, law enforcement, or foreign policy missions.
   • The second type of government-related data is any sensitive personal data, regardless of volume, that a transacting party markets as linked or linkable to current or recent former employees or contractors, or former senior officials, of the United States Government, including the military and the intelligence community.
     
     The terms “recent former employees” or “recent former contractors” mean employees or contractors who worked for or provided services to the United States Government, in a paid or unpaid status, within the past two years of a potential Covered Data Transaction (defined below) with a Country of Concern or Covered Person (defined below).
     
2. Bulk U.S. Sensitive Personal Data. The term “bulk U.S. sensitive personal data” means a collection or set of sensitive personal data relating to U.S. persons, in any format, regardless of whether the data is anonymized, pseudonymized, de-identified, or encrypted, (emphasis added), where such data meets or exceeds the applicable “bulk” threshold set forth below.
   • “Sensitive personal data” means covered personal identifiers, precise geolocation data, biometric identifiers, human ‘omic data, personal health data, personal financial data, or any combination thereof.
   • “Bulk” means any sensitive personal data that meets or exceeds the following thresholds at any point in the preceding 12 months, whether through a single Covered Data Transaction or aggregated across Covered Data Transactions involving the same U.S. person and the same foreign person or Covered Person:
     • Human `omic data collected about or maintained on more than 1,000 U.S. persons, or, in the case of human genomic data, more than 100 U.S. persons;
     • Biometric identifiers collected about or maintained on more than 1,000 U.S. persons;
     • Precise geolocation data collected about or maintained on more than 1,000 U.S. devices;
     • Personal health data collected about or maintained on more than 10,000 U.S. persons;
     • Personal financial data collected about or maintained on more than 10,000 U.S. persons;
     • Covered personal identifiers collected about or maintained on more than 100,000 U.S. persons; or
     • Combined data, meaning any collection or set of data that contains more than one of the categories above, or that contains any listed identifier linked to categories in paragraphs (a) through (e) in § 202.205, where any individual data type meets the threshold number of persons or devices collected or maintained in the aggregate for the lowest number of U.S. persons or U.S. devices in that category of data.

C. Which Entities Must Abide by the DSP? The NSD expects all U.S. organizations
to understand their transactions and comply with the DSP. Specifically, U.S.
organizations should know:

• any Covered Person, including vendors, contractors, employees in a Country of Concern that the organization interacts with;
• the kinds of data the organization collects or maintains on U.S. persons or U.S. devices;
• the volume of data the organization collects or maintains on U.S. persons or U.S. devices (including whether this volume meets the “bulk” thresholds under the Rule);
• how the organization uses the data;
• whether the organization engages in Covered Data Transactions; and
• how such data is marketed, particularly with respect to current or recent former employees or contractors, or former senior officials, of the United States government, including the military and intelligence community (e.g., if the organization collects certain data from members that are military/government employees).

D. What is a Covered Data Transaction under the Rule and DSP? A Covered Data
Transaction is a transaction that (1) involves any access by a Country of Concern or
Covered Person to any government-related data or bulk U.S. sensitive personal data
and (2) that involves: (a) data brokerage; (b) a vendor agreement; (c) an employment
agreement; or (d) an investment agreement. These transactions are further classified
as prohibited and restricted transactions, with specific obligations and restrictions
that attach to each class of transaction.

The DSP does not address purely domestic data transactions between U.S.
persons—such as the collection, maintenance, processing, or use of data by
U.S. persons within the United States—unless such U.S. persons are designated
as Covered Persons by the NSD.

E. Who are Covered Persons? There are five classes of Covered Persons under the Rule and DSP, which include:

• an entity owned by, controlled by, or subject to the jurisdiction or direction of a Country of Concern;
• a foreign person who is an employee or contractor of such an entity;
• a foreign person who is an employee or contractor of a Country of Concern;
• a foreign person who is primarily resident in the territorial jurisdiction of a Country of Concern;
• those persons NSD designates and publicly identifies (including both foreign and U.S. persons) as Covered Persons. The NSD will add designated persons to the Covered Persons List published in the Federal Register. Designated Covered Persons retain their Covered Persons status, even when located in the United States.

F. Prohibitions, restrictions, and exemptions.

• Prohibitions. U.S. companies are prohibited from knowingly engaging in data brokerage transactions, the sharing of government related data, or the bulk transfer of sensitive personal data with Covered Persons in COC. U.S. companies must not knowingly engage in the sharing of Covered Data as part of Covered Transactions with Covered Persons in COC after April 8, 2025.  Likewise, companies should not direct other entities or foreign individuals to do so.  This knowledge requirement is met if a U.S. organization has “actual knowledge or reasonably should have known that the transaction involved access to covered data by a covered person.”
• Restrictions. The Rule also places certain restrictions on other Covered Transactions involving vendor, employment or investment agreements.  Restricted transactions are allowed, provided the business or person:
  • CISA safeguards. The organization must adhere to cybersecurity requirements issued by the Cybersecurity and Infrastructure Security Agency (CISA);
  • Compliance program. The organization must establish and maintain an individualized, risk-based and written data compliance program, which meets several minimum requirements.
  • Annual audits. The organization must conduct independent audits on an annual basis that address the requirements of the DSP. Record requirements. The organization must also comply with applicable recordkeeping and reporting obligations.
• Exemptions. The Rule, through the DSP, also provides the following exemptions from the Rule’s requirements:
  • personal communications that do not involve the transfer of anything of value;
  • importation or exportation of any information or informational materials (which is limited to expressive material); activities or transactions ordinarily incident to travel from any country and related transactions;
  • conducted for official U.S. government business;
  • ordinarily incident to and part of the provision of financial services described in the regulations;
  • corporate group transactions to the extent that they are ordinarily incident to and part of administrative or ancillary business operations (such as, among other things, payroll transactions or business taxes);
  • transactions required or authorized by federal law or international agreement, or necessary to comply with federal law; investment agreements subject to a Committee of Foreign Investment in the United States (CFIUS) action defined under the regulations. DSP obligations apply until and unless CFIUS takes action;
  • ordinarily incident to telecommunications services, including the provision of voice and data communications services, but not all internet-based services, like cloud computing. This exemption does not apply for transactions involving data brokerage; and certain drug, biological product and medical device authorizations, and other clinical investigations and post-marketing surveillance data.
  • certain drug, biological, product and medical device authorizations, and other clinical investigations and post-marketing surveillance data.

Part 2. Implementation, Compliance and Enforcement

A. What are the Penalties for Violating the DSP? The NSD, under the International Emergency Economic Powers Act (IEEPA) and the DSP, has the authority to bring both civil enforcement actions and criminal penalties for violations of the DSP’s requirements. Unlawful acts under the IEEPA may lead to penalties up to the greater amount of $368,136 or twice the value of each violative transaction. Willful violations of IEEPA are punishable by imprisonment of up to 20 years and a $1,000,000 fine.

B. Relevant Compliance Timeline & Grace Period

The NSD’s core prohibitions and restrictions on Covered Data Transactions took effect April 8, 2025. The NSD stated a grace period is in effect and it will not prioritize its civil enforcement of the DSP until July 8, 2025. However, the NSD will immediately pursue enforcement for willful and egregious violations of the DSP.

Additional DSP compliance requirements, including those related to due diligence, auditing and reporting take effect on October 6, 2025.

C. Business Considerations During the DSP Grace Period

All U.S. organizations handling government-related data and bulk U.S. sensitive personal data must make good-faith efforts to comply with the DSP. Specifically between now and the end of the enforcement grace period on July 8, 2025, the NSD has identified initial efforts for covered entities to include:

• conducting an internal review of access to sensitive personal data, including whether transactions involving access to such data flows constitute data brokerage;
• reviewing internal datasets and datatypes to determine if they are potentially subject to the DSP
• renegotiating vendor agreements or negotiating contracts with new vendors;
• transferring products and services to new vendors;
• conducting due diligence on potential new vendors;
• negotiating contractual onward transfer provisions with foreign persons who are the counterparties to data brokerage transactions
• adjusting employee work locations, roles, or responsibilities;
• evaluating investments from Countries of Concern to Covered Persons;
• renegotiating investment agreements with Countries of Concern or Covered Persons;
• implementing the Cybersecurity and Infrastructure Agency (CISA) Security Requirements, including the combination of data-level requirements necessary to preclude Covered Person access to regulated data for restricted transactions.

The robust initial steps prescribed by the NSD show that DSP compliance is not something companies should place on the back burner. While the steps above may seem daunting and time-consuming, the first step every U.S. organization should take is determining whether your organization interacts with Covered Persons/ is doing business in a Country of Concern. From there, working with legal counsel to get up to speed on DSP compliance is imperative. The NSD also encourages the public to contact the Division at nsd.firs.datasecurity@usdoj.gov with questions or information about the DSP and the guidance NSD has released.

Taft’s Privacy & Data Security team will continue to monitor updates from the DOJ on the Rule, DSP compliance and DSP enforcement actions. For more data privacy & security-related updates, please visit Taft’s Privacy & Data Security Insights blog.

The DAA intends to meet with relevant stakeholders, such as trade associations, advertisers, publishers, and ad tech over the coming weeks to consider the following issues:

• the appropriate industry participants;
• the current and anticipated use cases for IBA data by AI systems and tools;
•  consumer expectations around the collection and use of such data; and
• the legal and regulatory gaps/overlaps with any such guidance

While it is too early to tell what specific guidance will entail, the CEO of the DAA stated in the DAA’s announcement that the goal of the review is to “look at the steps companies can take to ensure they are providing appropriate information and control to consumers around the collection and use of IBA data by those [artificial intelligence] systems.”

The first section below provides a summary of revisions to existing federal government policy.  The second section provides a chart of new directives to federal government departments and agencies.

Amendments to Prior Orders

The new Order seeks to amend existing federal government policies and regulations (as previously set by Executive Orders 14144 and 13694) to: (i) remove certain requirements for secure software development attestations, directives tied to acceptance of digital identity documentation, and certain technical hardening measures for identity verification and email encryption, and (ii) more expressly focus cybersecurity-related sanctions authorities specifically to foreign (as opposed to any) cyber threat actors that target U.S. critical infrastructure.

• Secure Software Acquisition:  The Order removes certain requirements relating to secure software attestations that federal government contractors must submit to contracting agencies.  This includes elimination of the requirement that attestations must be in machine readable format.  This also includes elimination of the directive for centralized validation of software attestations by the Cybersecurity and Infrastructure Security Agency (“CISA”).  Likewise, the associated directive to the Federal Acquisition Regulatory Council to amend the Federal Acquisition Regulation (“FAR”) to incorporate those requirements has also been eliminated.  The Fact Sheet accompanying the Order notes that one goal was to eliminate requirements for “imposing unproven and burdensome software accounting processes that prioritized compliance checklists over genuine security investments.”  However, the Order did not address the more general requirement for software attestations that appeared in the May 2021 Executive Order No. 14028 “Improving the Nation’s Cybersecurity,” as implemented through Office of Management and Budget (“OMB”) Memoranda (M-23-16 and M-22-18) and the CISA Common Self-Attestation Form.  Thus, it is unclear whether this Administration will promulgate regulations that would implement those requirements from the 2021 EO within the FAR, suspend any requirement for further attestations until NIST issues the final update of its Secure Software Development Framework required by the Order, eliminate the requirement for attestations altogether, or impose attestation requirements  on a contract-by-contract basis and continue to maintain the CISA repository for those forms.

• Solutions to Combat Cyber Crime and Fraud:  The Order removes prior directives for federal government agencies to accept digital identity documentation (e.g., digital driver’s licenses) for public benefit programs.

• Identity Technologies: The Order removes prior requirements for the Federal Civilian Executive Branch (“FCEB”) to deploy commercial phishing-resistant standards such as “WebAuthn.”

• Email Encryption: The Order removes a directive to OMB to require the expanded use of authenticated transport-layer encryption (“TLS”) between email servers used by FCEB agencies to send and receive emails.

• Quantum Computing:  The Order scales back quantum computing initiatives, included as part of National Security Memorandum 10 (“NSM-10”)(“On Promoting United States Leadership in Quantum Computing While Mitigating Risk to Vulnerable Cryptographic Systems,” May 4, 2022) implemented through OMB Memorandum (M-23-02), that required federal agencies to adopt post-quantum cryptography (“PQC”) as quickly as feasible and encourage technology vendors to do the same, as well as pushing for it being accepted internationally.  The Order retains only a requirement for CISA to maintain a list of product categories where PQC-enabled tools are widely available.

• Artificial Intelligence (“AI”): The Order amends E.O. 14144’s existing approach to security with and within AI as well as E.O. 14110 (“Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” October 30, 2023), which encouraged AI-driven collaboration across industry and had tasked federal agencies with aggressively exploring artificial intelligence for cybersecurity defense.  The Order instead takes a more focused view, requiring agencies to make existing datasets for cyber defense research accessible to the academic community to the extent feasible and for agencies to incorporate AI software vulnerabilities and compromises into their existing processes for vulnerability management and disclosure.

• Focus on “Foreign” Cyber Threat Actors: The Order amends existing cybersecurity-related sanctions authorities for malicious actors engaged in cyber-enabled activities that pose a threat to U.S. national security, foreign policy, economic health, or financial stability, including those targeting U.S. critical infrastructure, to limit these authorities to foreign malicious actors and thereby more clearly excluding domestic individuals or activities from the scope of the authorities.  The accompanying Fact Sheet further explains that the focus on foreign malicious actors is to prevent “misuse” of the sanctions authorities “against domestic political opponents,” and clarifies that “sanctions do not apply to election-related activities.”  The Order and the accompanying Fact Sheet do not provide any additional information about whether the amendments are intended to exempt foreign cyber operations directed at U.S. election activities, though the underlying sanctions authorities do still address malicious cyber-enabled activities that involve “tampering with, altering, or causing a misappropriation of information with the purpose of or that involves interfering with or undermining election processes or institutions.”

The Federal Communications Commission’s cybersecurity labeling program, Cybersecurity Labeling for Internet of Things (proposed rule, 47 CFR Part 8) has remained.  This program was modeled after the Energy Star efficiency label and will certify internet-connected consumer products, such as IoT devices, based on whether they meet certain cybersecurity criteria verified by accredited labs.

Timeline of New Directives

The below table outlines the directives to federal government departments and agencies, including: the Departments of Commerce, Defense, Energy, and Homeland Security as well as CISA, OMB, the National Institute of Standards and Technology (“NIST”), the Office of the Director of National Intelligence (“ODNI”), the National Security Agency (“NSA”), the National Science Foundation (“NSF”), the Office of Science and Technology Policy (“OSTP”), and the Office of the National Cyber Director (“ONCD”).[2]

Table 1:  Summary of directives to Departments and Agencies.

[1] Section 2 also provides, “Except as specifically provided for in subsection 4(f) of [Executive Order 14144], sections 1 through 7 of [Executive Order 14144] shall not apply to Federal information systems that are NSS or are otherwise identified by the Department of Defense or the Intelligence Community as debilitating impact systems.”

[2] For example, the Order does not rescind or modify Biden’s Executive Order 14028 (“Including Biden’s Executive Order 14028”). 

The plaintiff, Allen Satz, brought a suit against the Jewish Link, Organization For The Resolution Of Agunot, Keshet Starr, Beis Medrash, and Rabbi Neal Turk after they circulated a flyer in the Jewish Link, a Jewish newspaper, encouraging Satz to grant his wife a religious divorce. Id at *1. Satz alleged there was an unflattering picture of him in the flyer and that the flyer called for a protest outside his parents’ home. Id.

The defendants argued that Satz was targeting their First Amendment rights; therefore, the complaint was subject to dismissal under UPEPA. Id. The defendants’ reply brief included an order to show cause, seeking attorney’s fees and costs under UPEPA. Id. Satz voluntarily dismissed his complaint. Id. The defendants asked the trial court to reopen the case for the limited purpose of ruling on their motion for relief and order to show cause under UPEPA. Id at *2. The trial court denied their motion because they had not answered the complaint (even though they had had the opportunity to answer). Id.

The defendants appealed this decision, arguing that their motion should have been granted because there is a strong public interest in ensuring that a plaintiff can’t just dismiss its complaint to avoid liability under UPEPA. Id. The defendants asserted that by allowing the trial court’s decision to stand, the Court of Appeals would create a loophole in UPEPA that would allow other litigants to bring similar suits to punish public participation. Id.

In a decision delivered by Appellate Judge Hany Mawla, the New Jersey Court of Appeals reversed the trial court’s decision and remanded the case, directing the trial court to hear the defendants’ order to show cause according to the UPEPA procedures. Id at *5. The court held that allowing the trial court’s ruling to stand would “contravene legislative intent and create a loophole in the UPEPA allowing SLAPP plaintiffs to financially harm New Jersey residents who are the subject of their lawsuits and then strategically dismiss their suits.” Id. The Court of Appeals concluded that the trial court misapplied New Jersey law and that the plain language of N.J.S.A. 2A:53A-51 does not require a defendant to have filed an answer before moving to dismiss a complaint. Id at *4. The Court of Appeals also ruled, contrary to the trial court’s reasoning that the defendants could file a separate suit for fees, that UPEPA contemplates applications for fees and costs to be heard on orders to show cause. Id. Since the Uniform Law Commission adopted UPEPA on July 15, 2020, 13 states have enacted some version of  UPEPA as their anti-SLAPP law: Hawaii, Idaho, Iowa, Kentucky, Maine, Minnesota, Montana, New Jersey, Ohio, Oregon, Pennsylvania, Utah, and Washington.[1] The Satz decision likely will be cited all over the country as support for protecting the intent of UPEPA and protecting defendants from groundless lawsuits brought to curtail free speech. Every year more states adopt UPEPA, so the Satz decision’s importance will only grow as time goes on.

[1] Public Expression Protection Act, Uniform Law Commission, last visited June 4, 2025, https://www.uniformlaws.org/committees/community-home?communitykey=4f486460-199c-49d7-9fac-05570be1e7b1.

The guidance’s stated goals include raising awareness of the potential data security risks of AI systems, providing best practices for securing AI, and establishing a strong foundation for data security in AI systems.  The first part of the guidance outlines a set of cybersecurity best practices for AI systems, after which the guidance provides additional detail on three separate risk categories for AI systems (data supply chain risks, maliciously modified data, and data drift) and describes mitigation recommendations for each risk category.

The guidance outlines ten cybersecurity best practices that are specific to AI systems, and refers to the NIST SP 800-53 “Security and Privacy Controls for Information Systems and Organizations” for additional details on general cybersecurity best practices (though does not specify any particular applicable baseline).  Several of the best practices, such as “source reliable data and track data provenance,” and “verify and maintain data integrity during storage and transport,” align with the data supply chain risks discussed in greater detail further below in the guidance.   Many of the other best practices build on security practices described in NIST SP 800-53 other common security frameworks, such as classifying data, leveraging access controls and trusted infrastructure, encrypting data, and storing and deleting data securely.  The guidance’s best practices also reference leveraging privacy-preserving techniques, such as data depersonalization or differential privacy, and conducting ongoing data security risk assessments.

In the section of the guidance devoted to data supply chain risks, the guidance discusses general risks and identifies three specific risks.  The general risks section warns that “one cannot simply assume that [web-scale] datasets are clean, accurate, and free of malicious content.”  The guidance offers several mitigation strategies, including dataset verification, using content credentials to track the provenance of data, requesting assurances of a foundation model trained by another party, requiring certification from dataset providers, and securely storing data after ingest. 

In addition to this general risk, the guidance identifies “curated web-scale datasets” as the first of three specific data supply chain risks.  The guidance notes that curated AI datasets are vulnerable to a technique known as “split-view poisoning” which can arise when someone purchases an expired domain and manipulates the data.  The second risk is “collected web-scale datasets,” which are vulnerable to “frontrunning poisoning techniques.”  This occurs when malicious examples are injected just before crowd-sourced content is collected from a website.  The third risk is “web-crawled datasets,” which is described as an inherently risky type of dataset because it is less curated.  The guidance provides a variety of mitigation strategies that include broad recommendations like dataset verification to detect abnormalities to more specific recommendations including using raw data hashes with hash verification.

Next, the guidance identifies risks and mitigation strategies for maliciously modified data, explaining that “deliberate manipulation of data can result in inaccurate outcomes, poor

decisions, and compromised security.”  The risks include adversarial machine learning threats, bad data statements, statistical bias, data poisoning from inaccurate information, and data duplications.   The guidance proposes various mitigation strategies to address these risks.  For example, it recommends sanitizing the training data to reduce the impact of outliers and poisoned inputs.  Similarly, it suggests that metadata validation may be helpful to check the completeness and consistency of metadata before it is used for AI training.

Finally, the guidance describes risks associated with data drift.  The guidance explains that data drift occurs naturally over time as the statistical properties of input data become different from those of the original data used to train the model.  The guidance suggests that data drift can be mitigated by “incorporating application-specific data management protocols” including continuous monitoring, retraining a model with new data, and data cleansing.  The mitigation strategies in this section focus on data management which can include continuous monitoring and data cleansing.  Many of the mitigation strategies posed in the earlier sections are good practices that can be applied here as well. Overall, the guidance notes that “organizations can fortify their AI systems against potential threats and safeguard sensitive, proprietary, and mission critical data used in the development and operation of their AI systems” by identifying risks and adopting best practices.  The guidance serves as a reminder to organizations of the importance of data security to maintaining the accuracy, reliability, and integrity of AI, and the unique cybersecurity risks that are applicable to these types of systems.