On 15 April 2026, European Commission President Ursula von der Leyen and Executive Vice-President Henna Virkkunen announced that the EU’s long-anticipated age-verification app is now “technically ready”. Positioned as a “gold standard” to protect minors...

The UK has taken another step in moving online safety compliance beyond content moderation into formal law enforcement reporting. Since 7 April 2026, regulated user-to-user (‘U2U’) services covered by the UK’s Online Safety Act (‘OSA’)...

Many businesses have opted to deploy website cookie banners in response to the barrage of litigation under the California Invasion of Privacy Act (“CIPA”). That same mitigation measure, however, is increasingly the target of a...

The surge of lawsuits under Section 638.51 of California’s Invasion of Privacy Act (CIPA)—which governs “pen registers” and “trap and trace devices”—has burdened online businesses over the past two years. Hundreds, if not thousands, of...

Until now, managing risks related to AI deployment largely meant controlling the content employees typed into a chat box. That era, however, is drawing to a close. AI is quickly transforming from an isolated tool...

At a time when many organizations are seeing a rise in strategic, and sometimes even outright abusive, data subject access requests (“DSARs”), the Court of Justice of the European Union’s (“CJEU’s”) 19 March 2026 decision...