MoFo Privacy

The European Commission has proposed targeted amendments to NIS2—narrowing scope, recalibrating supervision, and adding maximum harmonization, while keeping core cybersecurity obligations intact. Learn more: bit.ly/46H3QX4

AI notetakers are becoming standard in meetings but so are lawsuits. As plaintiffs test federal and state wiretapping theories against these tools, what should providers and users know about the risks? And what steps can they take now to reduce potential exposure? Learn more: bit.ly/3OyxJTb

Protecting privilege while using AI isn’t as straightforward as it seems. A recent SDNY decision suggests that documents created with free or public LLMs, without direction from counsel, may not be protected by attorney-client privilege. Read key takeaways: bit.ly/40mhSd0

What has changed about U.S. regulators’ intention to regulate data transfers to U.S. foreign adversaries in 2026? Find out in the latest installment of "A MoFo Privacy Minute." bit.ly/3MVD3iZ

In an article for IAPP, MoFo’s Lokke Moerel analyzes the proposed EU Digital Omnibus changes to the GDPR aimed at facilitating AI innovation and explains why the amendments may create more problems than they solve: bit.ly/4apZUfx

The start of the year is an excellent time to review and update your organization’s privacy assessment process, particularly in light of new regulations under the CCPA. Find out how you can prepare: bit.ly/4qHET4M

The U.S. General Services Administration (GSA) has updated its guidance to set new security and privacy requirements for contractor systems handling controlled unclassified information. The changes could impact contractor eligibility for GSA work and add new compliance burdens. bit.ly/3Oi0KSS

California’s DFPI is eyeing expanded oversight of credit reporting. A recent request for comment asks whether CRAs should register with and be supervised by the DFPI, potentially broadening regulation under the California Consumer Financial Protection Law: bit.ly/3ZPerLz

As scrutiny of child online safety grows, organizations face increasing tension between the UK Online Safety Act and data protection laws. In Privacy Laws & Business UK, MoFo’s Mercedes Samavi and Georgia Wright explore where the regimes align, clash, and what it means for compliance: bit.ly/4ttZBrI

Join MoFo on February 4 to learn about the key trends set to reshape the 2026 state privacy landscape, from AI oversight and children’s privacy safeguards to cutting-edge consumer protection and biometrics regulation: bit.ly/3Z8UhvM

Rapid innovation and evolving regulations are reshaping privacy and cybersecurity. From AI-driven enforcement and security tools to rising ransomware risks and greater regulatory scrutiny, the landscape is becoming more complex. Check out our predictions for the year ahead: bit.ly/4aV6afR

The latest MoFo Privacy Minute Q&A explores a timely client question on “Steal Now, Decrypt Later” attacks and what organizations should be doing now when encrypted data is at risk: bit.ly/4bTpNp9

MoFo's Alex van der Wolk recently spoke to Bank Info Security about trends relating to EU member states implementation of the Network and Information Security 2 Directive (NIS2), and which states have harmonized their approach to NIS2, and which have diverged: bit.ly/3ZveSdO

New and expanding laws in the EU, UK, and U.S. are increasing obligations for chipmakers and their supply chains, bringing tougher product-level requirements, reporting duties, and downstream security expectations. Learn more: bit.ly/4k4sVk7

What’s ahead for data, cybersecurity, and privacy in 2026? As rapid technological innovation collides with evolving global regulation, organizations are facing a more complex risk landscape than ever. Explore what’s next: bit.ly/4aV6afR

Recent developments under California’s data broker law, the Delete Act, signal intensified focus by the California Privacy Protection Agency on businesses that sell personal information. Read more: bit.ly/4r8LKFj

As technology accelerates and regulatory scrutiny intensifies, privacy and cybersecurity are entering a new phase of complexity and accountability. What should organizations prepare for in the year ahead? Check out our Data, Cyber + Privacy 2026 Predictions: bit.ly/4aV6afR

Join us on February 4 to learn about the key trends set to reshape the 2026 state privacy landscape, from AI oversight and children’s privacy safeguards to cutting-edge consumer protection and biometrics regulation. For more details: bit.ly/3Z8UhvM

A federal judge in the Western District of Texas granted preliminary injunctions blocking enforcement of the state’s App Store Accountability Act, preventing the law from taking effect on January 1, 2026. Learn more: bit.ly/4qpYFmi

As technology, regulation, and accountability continue to converge, the privacy and cybersecurity landscape is evolving faster than ever. What should organizations be watching in the year ahead? Explore our annual Data, Cyber + Privacy Predictions: bit.ly/4aV6afR

MoFo’s Data, Cyber + Privacy Practice received the top overall ranking in the Global Elite rankings published in the Lexology 100: Data 2026 report, cementing MoFo’s position as the leading firm globally handling the world’s most complex and significant global data mandates. bit.ly/496oQIp

Organizations face growing pressure to protect data, prepare for threats, and manage risk. MoFo’s Data, Cyber + Privacy team shares what’s ahead as tech, regulation, and accountability converge and the trends shaping 2026: bit.ly/4aV6afR

How are financial institutions building trustworthy data and AI frameworks amid rapid regulatory and technological change? Listen to our latest DCP+ episode for insights from Georgina Merhom, data scientist and founder of Solo: bit.ly/4rYiWR7

The New York Health Information Privacy Act (NYHIPA) was passed by the New York State Assembly and Senate in January 2025 but appears to have stalled. What is its status? And what should we expect as we move into 2026? Get insights in the latest MoFo Privacy Minute Q&A: bit.ly/48YBJDa

Germany’s implementation of the NIS2 Directive is now in force. The new law, including major updates to the BSI Act, introduces mandatory BSI registration and expanded cybersecurity obligations for organizations operating in Germany. Read about the key changes: bit.ly/453CoSn

New state consumer privacy laws come into effect on January 1, 2026, along with recently approved CCPA regulations. Do companies need to update their privacy policies and other privacy-related disclosures before year end? Find out in the latest edition of “A MoFo Privacy Minute.” bit.ly/48JbzEb

Explore the rapidly evolving AI regulatory landscape, the bipartisan focus on strengthening cybersecurity, and the rising role of private-sector innovators in shaping U.S. national security policy in MoFo’s newest Data, Cyber + Privacy PLUS podcast episode: bit.ly/3MbBmx8

The U.S. SEC agreed to voluntarily dismiss its high-profile case against SolarWinds Corporation and its Chief Information Security Officer, which has been pending for over two years in federal court. Read key takeaways: bit.ly/48yy0wR

MoFo’s Annabel Gillham and Dan Alam analyze the UK’s upcoming data protection complaints-handling requirement in this article published in Privacy Laws & Business UK Report: bit.ly/4ifDdNm

NY became the first state to regulate emotionally responsive “AI companion” chatbots under the Artificial Intelligence Companion Models Law. California’s SB 243 follows in Jan. 2026. Explore what these developments mean for companies designing and deploying next-generation AI systems: bit.ly/4a87CLx