The U.S. Supreme Court’s decision to take Salazar v. Paramount Global (cert. granted January 26, 2026) is more than a technical exercise in statutory interpretation. It is a live example of what happens when a targeted, decades-old privacy statute collides with modern web tracking and digital media business models.

At the center of the case is the Video Privacy Protection Act (“VPPA”), enacted in 1988 after the disclosure of Supreme Court nominee Robert Bork’s video rental history. The law was built for a Blockbuster-era world, but it has become newly relevant as plaintiffs ...

The U.S. Supreme Court seldom takes up privacy cases, but the 2026 term includes two matters that could have profound implications for how businesses collect, retain, and disclose data. One addresses constitutional limits on modern surveillance, and the other reexamines the application of a legacy privacy statute that has become a focal point for litigation in the digital age.

Geolocation Data & the Fourth Amendment

In Chatrie v. United States, the Court will confront the rising use of geofence warrants, which are search warrants requiring companies to turn over location ...

Cybersecurity oversight has officially entered the realm of board level fiduciary responsibility. In several 2025 decisions, the Delaware Court of Chancery made clear that cybersecurity is a mission critical risk for most companies. In the aftermath of these decisions, directors of Delaware corporations now face heightened expectations for monitoring, documenting and addressing cybersecurity risks as part of their oversight duties.

The duty of oversight for board members originates from the decision in In re Caremark International Inc. Derivative Litigation and was later ...

On November 25, 2025, the Cybersecurity and Infrastructure Security Agency (“CISA”) issued an alert regarding advanced spyware campaigns targeting mobile devices. The warning identifies messaging apps and social media platforms as primary vectors and emphasizes the need for stronger mobile security practices by businesses large and small. Because mobile devices routinely contain personal and corporate data, the alert carries significant implications for privacy and cybersecurity compliance.

CISA highlighted spyware capable of capturing messages, emails and ...

On November 25, 2025, reports revealed a draft Executive Order prepared by the White House titled “Eliminating State Law Obstruction of National AI Policy.” The draft order seeks to preempt state AI laws in favor of a uniform national framework and would create an AI Litigation Task Force responsible for challenging state statutes deemed inconsistent with federal priorities. The proposal marks a significant federal effort to centralize AI governance. 

The draft order directs the Department of Justice, Commerce Department, Federal Communications Commission and Federal ...

The California Privacy Protection Agency (CPPA) has initiated enforcement of its automated decision-making regulations under the California Privacy Rights Act (CPRA). These regulations address algorithmic profiling, behavioral scoring and automated systems that make or inform decisions about consumers. As the CPPA begins audits, companies must update their compliance programs to reflect the new requirements.

The CPRA authorizes the CPPA to regulate automated decision-making technology. The regulations apply to businesses that use algorithms to evaluate personal ...

California remains at the forefront of U.S. consumer privacy regulation. Recent developments in the California Consumer Privacy Act (“CCPA”), amended by the California Privacy Rights Act (“CPRA”), and ongoing rule-making by the California Privacy Protection Agency (“CPPA”) reflect a shift toward stronger enforcement and broader data-security obligations. Businesses operating in or with exposure to California must act now to align with the evolving standards.

The CPPA announced new monetary thresholds and increased civil penalties for violations of the ...

The M&A environment in the United States is undergoing a noteworthy transformation. While macroeconomic factors such as easing interest rates and abundant private-equity “dry powder” (i.e. the uncalled capital that a fund has available to invest) have sparked optimism, dealmakers must also grapple with an evolving regulatory, governance and antitrust backdrop.

At the federal level, under the Clayton Act (15 U.S.C. §§ 12-27) and the Hart-Scott-Rodino Antitrust Improvements Act (15 U.S.C. §§ 18a-18i), merging parties must file notifications with the Federal Trade ...

Brand owners face a changing landscape at the U.S. federal registration level as the U.S. Patent and Trademark Office (“USPTO”) implements a new fee structure. These changes have important implications for trademark registration strategies, budget planning, and risk management around trademark prosecution and maintenance. The USPTO’s key regulatory changes include fee revisions under 37 C.F.R. Part 2.  In addition, the USPTO has published new data regarding first action and total pendency of trademark applications. While the underlying statutory framework under the ...

Generative artificial intelligence is moving from experimental pilot projects into enterprise-wide deployment at an unprecedented pace. Yet as companies accelerate adoption, regulatory bodies in the United States and abroad have issued new rulemaking, enforcement guidance and governance frameworks that create legal exposure. The evolution from pilot programs to production and deployment now requires structured compliance, contractual protection and board-level oversight.

California enacted Senate Bill 53 (“SB 53”) in 2025, establishing transparency ...

Correction (December 2025):  An earlier version of this article incorrectly referred to “Delaware Senate Bill 154” as the source of recent amendments to the Delaware General Corporation Law. The corporate opportunity and conflict-of-interest updates discussed in the article derive from SB 313 (effective August 1, 2024) and Senate Substitute 1 for Senate Bill 21 (SS 1 for SB 21, signed March 25, 2025), not SB 154. The post has been revised to reflect these statutory references.

Delaware Modernizes Corporate Opportunity and Conflict-of-Interest Law: What ...

On September 29, 2025, Governor Newsom signed into law Senate Bill 53 (“SB 53” or the “Act”), officially titled the “Transparency in Frontier Artificial Intelligence Act”.  This legislation is the first U.S. state statute to impose broad transparency, reporting, and whistleblower protections for developers of advanced frontier AI models.  In doing so, once again, California strengthens its position as a regulatory leader in artificial intelligence by placing new obligations on large-scale developers while providing a blueprint for national and international AI ...

California once again sets the pace in consumer privacy and digital-platform regulation with the enactment of Assembly Bill 656 (“AB 656” or the “Act”), detailing new obligations for large social-media platforms to facilitate account deletion and data removal.  Signed by Governor Newsom on October 8, 2025 and effective January 1, 2026, covered businesses will need to act quickly in order to comply. 

In its legislative findings, AB 656 identifies that a “substantial function” of social-media platforms is user-connection, and research has documented entry barriers ...

The California Privacy Protection Agency (“CPPA”) has unveiled draft regulations regarding AI and automated decision-making technologies.  AI and automated decision-making encompasses systems leveraging machine learning, statistics, and data processing to evaluate personal information.  Such technologies not only aid in human decision-making, they also involve individual profiling capabilities, which triggers a potential need to safeguard privacy rights.  The draft regulations include, among other things, provisions for providing notice of AI technology use ...

The California Privacy Rights and Enforcement Act of 2020 (the “CPRA”) expands the privacy rights and protections provided to California consumers pursuant to existing state law, including the California Consumer Privacy Act of 2018 (the “CCPA”). Businesses that are subject to the CPRA must comply with various notice obligations and requirements related to the collection, deletion, sale and sharing of personal information.

This client alert provides a summary of some of the CPRA’s changes to the CCPA, the creation of the California Privacy Protection Agency and the ...

Below is a summary of recent developments for the Food, Beverage and Hospitality industry in terms of Internet laws and regulations. To learn more about these issues and how they affect the industry, join us on October 28, 2020 for our Industry Debrief on the CCPA, CPRA, Data Security and Other Risks.

Consumer Privacy and the CCPA

In June 2018, California enacted one of the most comprehensive privacy laws in the country, the California Consumer Privacy Act of 2018 (the “CCPA”). The CCPA went into effect on January 1, 2020, and started to be enforced by the California Attorney General ...

California's Secretary of State announced that the California Privacy Rights Act (“CPRA”) has qualified for the state's November ballot. Real estate mogul, Alastair Mactaggart, has done it again.  After successfully getting the California Consumer Privacy Act of 2018 (“CCPA”) passed by Sacramento in record time for fear that the CCPA would be on the November 2018 ballot, Mactaggart has once again obtained the required 623,212 signatures to do the same with the CPRA in 2020. If passed, the CPRA would build on the underlying principles of the CCPA by permitting consumers to ...

The fourth and final part of this CCPA client alert series focuses on certain training and record-keeping requirements pursuant to the CCPA.

The California Consumer Privacy Act of 2018 (the “CCPA”) and the related proposed Attorney General Regulations (the “Regulations”) provide California consumers with increased privacy rights and protections with respect to their personal information. Businesses that are subject to the CCPA must comply with various notice obligations and requirements related to the collection, deletion and sale of personal information. The ...

Part three of this CCPA client alert series focuses on the obligations for service providers pursuant to the CCPA.

The California Consumer Privacy Act of 2018 (the “CCPA”) and the related proposed Attorney General Regulations (the “Regulations”) provide California consumers with increased privacy rights and protections with respect to their personal information. Businesses that are subject to the CCPA must comply with various notice obligations and requirements related to the collection, deletion and sale of personal information. The California Attorney General ...

Part two of this CCPA client alert series focuses on how to verify and respond to consumer requests.

The California Consumer Privacy Act of 2018 (the “CCPA”) and the related proposed Attorney General Regulations (the “Regulations”) provide California consumers with increased privacy rights and protections with respect to their personal information. Businesses that are subject to the CCPA must comply with various notice obligations and requirements related to the collection, deletion and sale of personal information. The California Attorney General intends to begin ...

The California Consumer Privacy Act of 2018 (the “CCPA”) and the related proposed Attorney General Regulations (the “Regulations”) provide California consumers with increased privacy rights and protections with respect to their personal information. Businesses that are subject to the CCPA must comply with various notice obligations and requirements related to the collection, deletion and sale of personal information. The California Attorney General intends to begin enforcing the CCPA and the Regulations on July 1, 2020.

This client alert provides a summary of the ...

Does your business collect personal information from California residents?  A person’s name, address, email address, social security number, and driver’s license number are all considered personal information. What about digital information? Does your website track consumers’ browsing histories, search histories, or their interactions with your website or digital advertisements? How about information related to a consumer’s employment history or education? All of the aforementioned are deemed to constitute personal information under the California Consumer ...

As required by the California Consumer Privacy Act of 2018 (the “CCPA”), the California Attorney General’s Office (the “AG”) is hard at work crafting regulations related to the CCPA to be implemented by July 1, 2020.  The CCPA will go into effect on January 1, 2020, but the AG’s enforcement will not be initiated until later that year.  In the meantime, consumers and businesses alike are anxiously awaiting the AG’s first draft of the regulations.  The AG’s regulations are intended to clarify certain ambiguities in the CCPA and outline and implement rules for businesses to ...

As you know by now, the California Consumer Privacy Act of 2018 (“CCPA”) is California’s groundbreaking legislation that grants California residents unprecedented rights and protections regarding the collection and use of their personal information. While the breadth and scope of the CCPA is readily transparent, California’s Attorney General (“AG”) is still in the process of adopting regulations to help implement the act. The AG is currently accepting comments in a series of public forums that began in January, and the California Department of Justice recently ...

Technology procurement is quickly evolving from a tactical, organization-wide undertaking to one that is more strategic and catering to multiple units within a company’s infrastructure. More businesses are taking advantage of things like Bellwether procurement software as a way to improve their procurement process. As a result, the skill set of the CTO, CIO, General Counsel and other members of the procurement team must follow suit. Upgrades used to be about minimizing costs and lowering risks. But those were the old days. Now, the procurement team responsible for software ...

Upgrading a large complex portion of a company’s (“Newco’s”) IT infrastructure can be a daunting task.  However, as its business grows, Newco will want and need to add new capabilities and enhance existing service offerings.  Here is a brief overview of some strategies for helping Newco navigate the process including software and hardware procurement, finding the right systems integrator, negotiating Service Level Agreements (“SLAs”), and ensuring timely on-budget implementation.  

Software and Hardware Procurement

Newco will want to work closely with the Systems ...

California now has the most sweeping and comprehensive privacy rights law in the country — The California Consumer Privacy Act of 2018 (the “Act”).  Some might say the Act is the result of Cambridge Analytica misusing the data of tens of millions of Facebook users.  Others would suggest that the Act is merely the natural and logical progression of inalienable rights of privacy in the digital age.  Whatever the reason, California’s Privacy Bill of Rights for consumers will forever change the way businesses collect and use personal information (“PI”).

Here’s the good news ...

“We have the best mobile app on the market!” “Subscribe now and win an Apple watch!” “Download our software and we guarantee an increase in your business within 30 days!” That all sounds quite wonderful, actually. Where do I sign up? As a consumer, these statements pique my interest. However, if you are the company promoting your products through these kinds of digital advertisements, you may want to choose your words more carefully. While the Internet and an ever expanding universe of technology platforms are connecting companies and consumers at an unimaginable rate ...

As is increasingly reported, there is a battle raging in today’s marketplace between companies with new technology platforms and content creators from the entertainment community. On the one hand, are computer science engineers and programmers developing new and better code, creating more complex algorithms, and building ever expanding server farms at a breakneck pace, all to give the consumer cheaper, faster, and more mobile access to music, movies and television. On the other hand, are musicians, writers, movie and television producers and broadcasters, all trying to ...