Cybersecurity and Data Privacy

Subscribe to Cybersecurity and Data Privacy via RSS

On March 16, 2026, New York Attorney General (AG) Letitia James rallied in support of the “One Fair Price Package” — a pair of bills aimed at curbing algorithmic and surveillance pricing in New York. Together, the bills would prohibit the use of personalized algorithmic pricing based on consumer data, ban electronic shelf labels in large food and drug retailers, and create robust enforcement mechanisms and private rights of action. The announcement from New York comes shortly after New Jersey Governor Mikie Sherrill backed legislation to ban what she has called “surveillance” pricing, and after California Attorney General Rob Bonta announced an investigative sweep focused on businesses that use consumer data to individualize prices for their goods or services earlier this year.

Register Here
Thursday, March 26 • 12:00 – 1:00 p.m. ET

Gene Fishel will be speaking on the “Cyber Threats – Are You Prepared?” webinar, being held on March 26.

Join professionals from McGriff, the US Secret Service, Troutman Pepper Locke, and A.B. Data to learn more about fraud and cybercrimes. Organizations of all sizes

State attorneys general (AGs) are among the most active and influential regulators in the U.S., using broad statutory authority, political visibility, and growing technical knowledge to shape policy and enforcement across sectors. In 2025, they asserted their authority to shape the legal and regulatory environment across the U.S. through aggressive and coordinated action. Despite changing

In this episode of our special 12 Days of Regulatory Insights podcast series, Ashley Taylor, co-leader of Troutman Pepper Locke’s State AG team, sits down with Privacy and Cyber chair Ron Raether to discuss how state attorneys general (AGs) are shaping the regulatory landscape for social media and the broader ad tech ecosystem.

In this episode of our special 12 Days of Regulatory Insights podcast series, Gene Fishel, a member of the firm’s RISE Practice Group and State AG team, is joined by Partner Dave Navetta of the Privacy + Cyber Practice Group, to discuss the biggest privacy and cyber enforcement themes of 2025 and preview what’s ahead for 2026.

Background

On November 6, California Attorney General (AG) Rob Bonta, Connecticut AG William Tong, and New York AG Letitia James announced a $5.1 million settlement with Illuminate Education, Inc. (Illuminate), an educational technology company that offers K-12 software solutions that enable schools and school districts to track student attendance and grades, and monitor academic progress, behavior, and mental health.

This article was originally published on October 8, 2025 on Law360 and is republished here with permission.

The U.S. Department of Defense released the final rule implementing the Cybersecurity Maturity Model Certification on Sept. 9.[1] Through the program, the DOD seeks to enhance protections for sensitive information.

Defense contractors’ efforts to ramp up their CMMC

Key point: The investigative sweep is part of a growing multistate approach to privacy enforcement actions.

On September 9, the California Privacy Protection Agency (CPPA) announced that it has initiated a joint regulatory sweep in collaboration with attorneys general (AG) from California, Colorado, and Connecticut. The sweep will target businesses’ compliance with legal requirements associated with recognition of opt-out preference signals (OOPS) and universal opt-out mechanisms (UOOMs) that consumers can use to exercise their right to opt out of online tracking technologies (i.e., targeted advertising, sales, or sharing).

Register Here
Thursday, September 25 • 1:00 – 3:10 p.m. ET

Sadia Mirza, co-leader of Troutman Pepper Locke’s Incidents + Investigations practice, Privacy + Cyber Partner Timothy St. George, and Regulatory Investigations, Strategy + Enforcement Counsel Gene Fishel, will participate in an upcoming CLE with myLawCLE to examine the nuances of navigating cybersecurity breaches.