Alston & Bird Privacy, Cyber & Data Strategy Blog

Louisiana Delays App Store Accountability Effective Date to July 2027

By , and

On May 15, 2026, the Louisiana Governor signed HB 977 (Bill) into law, delaying the effective date of the Louisiana App Store Accountability Act (ASAA) by one year, to July 1, 2027. The amendments to the Louisiana ASAA come amid ongoing First Amendment challenges to similar laws in other states, and resemble recent developments in Utah, where Utah’s ASAA’s effective date was likewise postponed from May 6, 2026, to May 7, 2027. Background on the Louisiana ASAA and Legal Challenges Against … [Read more] about Louisiana Delays App Store Accountability Effective Date to July 2027

NYDFS Issues Frontier AI Advisory and Guidance for Heightened Cyber Threat Environment

By , , and

On May 21, 2026, the New York Department of Financial Services (“NYDFS”) issued two Industry Letters to the organizations it regulates (“Regulated Entities”): “Heightened Cybersecurity Risks Associated with Frontier AI Models” (the “Advisory”) and … [Read more] about NYDFS Issues Frontier AI Advisory and Guidance for Heightened Cyber Threat Environment

California Puts Social Media’s Youth Feeds on Notice

By and

On May 14, 2026, California Attorney General Rob Bonta issued proposed regulations and opened a 45-day public comment period addressing compliance with the age determination and parental consent requirements of the Protecting Our Kids from Social … [Read more] about California Puts Social Media’s Youth Feeds on Notice

European Commission Publishes Draft Guidelines on Classification of High-Risk AI Systems Under the EU AI Act

By , and

On May 19, 2026, the European Commission (EC) published draft guidance on how to determine whether an AI system qualifies as a high-risk AI system (HRAIS) under the EU’s Regulation 2024/1689 on artificial intelligence (AI Act). The draft reflects … [Read more] about European Commission Publishes Draft Guidelines on Classification of High-Risk AI Systems Under the EU AI Act

May Flowers Bring Fresh Insight from CalPrivacy

By and

Increased scrutiny of data brokers, rapid scaling of enforcement operations and active opposition to federal privacy preemption are in bloom in the Golden State. On May 1, 2026, the California Privacy Protection Agency (the “Agency”) Board (the … [Read more] about May Flowers Bring Fresh Insight from CalPrivacy