Privacy Protections Coming Sooner Rather Than Later to the Sooner State
Oklahoma has become the latest U.S. state to enact a comprehensive consumer privacy law after Governor Stitt signed SB 546 into law on March 20. This ends two long legislative droughts: First, this is the long-awaited 20th state comprehensive privacy law and the first since the Rhode Island Data Transparency and Privacy Protection Act was […]
Red Lines under the EU AI Act: Understanding the ban of the untargeted scraping of facial images and facial recognition databases
Blog 5 | Red Lines under the EU AI Act Series This blog is the fifth of a series that explores prohibited AI practices under the EU AI Act and their interplay with existing EU law. You can find the whole series here. 1. Introduction The fifth blog in the “Red lines under the EU AI […]
The Chatbot Moment: Mapping the Emerging 2026 U.S. Chatbot Legislative Landscape
Special thanks to Rafal Fryc, U.S. Legislation Intern, for his research and development of the resources referenced. If there is one area of AI policy that lawmakers seem particularly eager to regulate in 2026, it’s chatbots. As state legislative sessions ramp up across the country, policymakers at both the state and federal levels have introduced […]
Common Chatbot Provisions — Future of Privacy Forum (5)
Common Chatbot Provisions Febru ary 2 026 Chatbot legislation includes one or mor e core requirements: transparency, age verification & access controls, content safety & harm prevention, professional licensure & regulated services, data protection, and liability & enforcement. Ju stin e G lu ck & Raf al Fr yc This document groups substantive chatbot provisions […]
Holly Hawkins
Digital Digest: FPF’s Annual Privacy Papers for Policymakers
We are pleased to introduce FPF’s 16th annual Privacy Papers for Policymakers. Each year, we invite privacy scholars and authors to submit scholarship for consideration by a committee of reviewers and judges from the FPF Advisory Board. The selected papers are those judged to contain practical analyses of emerging issues that policymakers in Congress, in […]
Red Lines under the EU AI Act: Understanding Manipulative Techniques and the Exploitation of Vulnerabilities
Blog 2 | Red Lines under the EU AI Act Series This blog is the second of a series that explores prohibited AI practices under the EU AI Act and their interplay with existing EU law. You can read the first episode here and find the whole series here. Harmful manipulation and deception through AI systems […]
From Proposal to Passage: Enacted U.S. AI Laws, 2023–2025
Over the past three years, lawmakers across the United States have increasingly enacted AI-related laws that shape the development and deployment of AI systems. Between 2023 and 2025, the Future of Privacy Forum tracked 27 pieces of enacted AI-related legislation across 14 states, along with one federal law (the TAKE IT DOWN Act) that carry […]
Enacted AI Legislation Chart
E N AC TE D AI LE G IS LA TIO N O ve rv ie w C hatb ots : C A SB -2 43 (2 0 25 ) , M E LD -1 7 2 7 (2 0 25 ), N H HB-1 4 3 (2 0 25 ), N Y S-3 0 […]
FPF Retrospective: U.S. Privacy Enforcement in 2025
The U.S. privacy law landscape continues to mature as new laws go into effect, cure periods expire, and regulators interpret the law through enforcement actions and guidance. State attorneys general and the Federal Trade Commission act as the country’s de facto privacy regulators, regularly bringing enforcement actions under legal authorities both old and new. For […]