How did it come to this? Last year you got a new cookie consent management platform (CMP), and you worked with your web team to implement it. You even took a conservative approach and tried...

On 15 April 2026, European Commission President Ursula von der Leyen and Executive Vice-President Henna Virkkunen announced that the EU’s long-anticipated age-verification app is now “technically ready”. Positioned as a “gold standard” to protect minors...

The UK has taken another step in moving online safety compliance beyond content moderation into formal law enforcement reporting. Since 7 April 2026, regulated user-to-user (‘U2U’) services covered by the UK’s Online Safety Act (‘OSA’)...

Many businesses have opted to deploy website cookie banners in response to the barrage of litigation under the California Invasion of Privacy Act (“CIPA”). That same mitigation measure, however, is increasingly the target of a...

The surge of lawsuits under Section 638.51 of California’s Invasion of Privacy Act (CIPA)—which governs “pen registers” and “trap and trace devices”—has burdened online businesses over the past two years. Hundreds, if not thousands, of...

For years, TCPA compliance has largely meant following the statute as interpreted by FCC rules and regulations. That is no longer enough. Since the Supreme Court scrapped Chevron deference in Loper Bright and then held in McLaughlin that district courts...