Privacy & Cybersecurity Law Blog

Congress has extended the Cybersecurity Information Sharing Act of 2015 through September 30, 2026 as part of the Consolidated Appropriations Act, a government funding package enacted in early February 2026.

On February 3, 2026, the UK Information Commissioner’s Office publicly confirmed that it has launched formal investigations into X Internet Unlimited Company and X.AI LLC, focused on the Grok artificial intelligence system.

On February 5, 2026, the UK Information Commissioner’s Office announced a £247,590 fine against MediaLab.AI, Inc., the company behind the image-sharing platform Imgur, for failing to lawfully process children’s personal information. 

On January 28, 2026, the U.S. Federal Trade Commission held a workshop entitled “Protecting American Children: A Workshop to Explore Age Verification Technologies.”

On February 5, 2026, the next phase of the UK Data (Use and Access) Act officially came into force, bringing most of its provisions, including the major reforms in Part 5, into effect.

On January 27, 2026, Data Privacy Day, the California Office of the Attorney General announced an investigative sweep into surveillance pricing, a type of algorithmic pricing that uses personal information to set individualized prices, and how such practices may violate the California Consumer Privacy Act.

On January 27, 2026, the Centre for Information Policy Leadership hosted a fireside chat with California Privacy Protection Agency General Counsel Phil Laird in honor of Data Privacy Day.

On January 30, 2026, the Cybersecurity Administration of China released a Q&A document on policies and regulations for the security management of cross-border data transfers. 

On January 20, 2026, the European Commission proposed a comprehensive new cybersecurity package aimed at strengthening the EU’s cybersecurity resilience and enhancing its capacity to manage evolving threats.

The U.S. Supreme Court will soon decide who qualifies as a “consumer” under the federal Video Privacy Protection Act, a 1988 law originally enacted to protect the privacy of individuals’ video rental and purchase records.