The Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Tuesday, March 11, 2025, that the Multi-State Information Sharing and Analysis Center (MS-ISAC) will lose its federal funding and cooperative agreement with the Center for Internet Security. MS-ISAC’s mission “is to improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations ..read more

According to Security Week, X (formerly Twitter) was hit with a distributed denial-of-service (DDoS) attack that disrupted tens of thousands of X users’ ability to access the platform on March 10, 2025. According to Reuters, the traffic involved in the attack came from IP addresses in the U.S., Vietnam, Brazil, and Ukraine. The threat group ..read more

Last week, we explored a recent data breach class action and the litigation risk of such lawsuits. Companies need to be aware of litigation risk not only arising from data breaches, but also from shareholder class actions related to privacy concerns. On March 5, 2025, a class action securities lawsuit was filed against AppLovin Corporation ..read more

Edison Electric Institute (EEI), an association that represents all U.S. investor-owned electric companies, petitioned the Federal Communications Commission (FCC) to permit calls and texts under the Telephone Consumer Protection Act (TCPA) without prior express consent for “demand response” communications. A prior FCC ruling clarified the FCC’s policies towards the types of calls and texts from ..read more

A federal district court has denied a motion by Johnson & Johnson Consumer Inc. (JJCI) to dismiss a second amended complaint alleging it violated the Illinois Biometric Information Privacy Act (BIPA) by collecting and storing biometric information through its Neutrogena Skin 360 beauty app without consumers’ informed consent or knowledge. The plaintiffs also allege that ..read more

The California Privacy Protection Agency (CPPA) the agency responsible for implementing and enforcing the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) (collectively the CCPA), protecting consumer privacy, and ensuring compliance with data privacy regulations, has announced an investigate sweep into companies’ collection of sensitive location data. The CPPA has already ..read more

With the proliferation of artificial intelligence (AI) usage over the last two years, companies are developing AI tools at an astonishing rate. When pitching their AI tools, these companies claim that their products can do certain things and promise and exaggerate their capabilities. AI washing “is a marketing tactic companies employ to exaggerate the amount ..read more

British Prime Minister Keir Starmer wants to turn the U.K. into an artificial intelligence (AI) superpower to help grow the British economy by using policies that he describes as “pro-innovation.” One of these policies proposed relaxing copyright protections. Under the proposal, initially unveiled in December 2024, AI companies could freely use copyrighted material to train ..read more

Artificial Intelligence (AI) is rapidly transforming the legal landscape, offering unprecedented opportunities for efficiency and innovation. However, this powerful technology also introduces new challenges to established information governance (IG) processes. Ignoring these challenges can lead to significant risks, including data breaches, compliance violations, and reputational damage. “AI Considerations for Information Governance Processes,” a recent paper ..read more

We have educated our readers about phishing, smishing, QRishing, and vishing scams, and now we’re warning you about what we have dubbed “snailing.” Yes, believe it or not, threat actors have gone retro and are using snail mail to try to extort victims. TechRadar is reporting that, according to GuidePoint Security, an organization received several ..read more