In this crossover episode of The Good Bot and Regulatory Oversight, Brett Mason, Gene Fishel, and Chris Carlson discuss the latest state laws targeting AI, especially in health care. They break down new legislation in Colorado, Utah, California, and Texas, highlighting differences in scope and enforcement. They also cover how state attorneys general are using consumer protection and anti-discrimination laws to regulate AI, even in states without AI-specific statutes.
Key point: The investigative sweep is part of a growing multistate approach to privacy enforcement actions.
On September 9, the California Privacy Protection Agency (CPPA) announced that it has initiated a joint regulatory sweep in collaboration with attorneys general (AG) from California, Colorado, and Connecticut. The sweep will target businesses’ compliance with legal requirements associated with recognition of opt-out preference signals (OOPS) and universal opt-out mechanisms (UOOMs) that consumers can use to exercise their right to opt out of online tracking technologies (i.e., targeted advertising, sales, or sharing).
The Federal Trade Commission (FTC) and the Utah Department of Commerce’s Division of Consumer Protection (Division), represented by the Office of the Utah Attorney General (AG), recently announced a proposed consent order with Aylo, the company that owns and operates pornography websites, including Pornhub.com and Redtube.com. The proposed consent order includes the implementation of a compliance program and a $5 million penalty.
What Happened
Last week, Colorado lawmakers held a special session that culminated in a decision to delay the implementation of the Colorado Artificial Intelligence Act (CAIA) until June 30, 2026, extending the timeline beyond its original February 2026 start date. That delay gives businesses a brief window to prepare, but the law remains in effect, requiring companies to build governance programs and perform regular impact assessments of high-risk AI systems.
Register Here
Thursday, September 25 • 1:00 – 3:10 p.m. ET
Sadia Mirza, co-leader of Troutman Pepper Locke’s Incidents + Investigations practice, Privacy + Cyber Partner Timothy St. George, and Regulatory Investigations, Strategy + Enforcement Counsel Gene Fishel, will participate in an upcoming CLE with myLawCLE to examine the nuances of navigating cybersecurity breaches.
In this episode of our special Regulatory Oversight: Solicitors General Insights series, RISE Counsel Jeff Johnson, a former deputy solicitor general in the Missouri Attorney General’s office, welcomes Michigan Solicitor General Ann Sherman and New Jersey Solicitor General Jeremy Feigenbaum. They explore the art of oral advocacy, sharing insights into how they effectively present cases. The conversation also addresses state sovereignty, emphasizing the importance of allowing states to experiment with policies and the impact of bipartisan issues, particularly those that resonate most effectively in front of SCOTUS.
On Thursday, Governor Mike Dunleavy announced that Stephen J. Cox will become the attorney general (AG) of Alaska, effective Friday, August 29. Cox will replace Alaska AG Treg Taylor, who announced earlier this month that he would be stepping down to run for governor in the state’s 2026 general election.
Massachusetts Attorney General (AG) Andrea Joy Campbell has issued guidelines to help businesses comply with the recently enacted consumer protection regulations, prohibiting “junk fees” and providing consumers with greater transparency regarding trial and subscription offers. We previously covered these regulations in detail here.
In addition to receiving cease-and-desist orders from several states (Arizona, Illinois, Montana, and Ohio), and ongoing litigation against New Jersey state gaming regulators in the U.S. Court of Appeals for the Third Circuit, KalshiEx LLC (Kalshi) is also now embroiled in litigation with regulators in Maryland and Nevada. Kalshi operates as a designated contract market, which allows adults in all 50 states to make financial trades on a broad range of topics — from sports to the weather.
In 2022, a bipartisan task force of 51 state attorneys general (AGs) was formed to investigate and take legal action against companies allegedly responsible for large volumes of fraudulent and illegal robocall traffic. North Carolina AG Jeff Jackson, Indiana AG Todd Rokita, and Ohio AG Dave Yost lead the “Anti-Robocall Litigation Task Force.” The task force is made up of AGs from both political parties.