New York Department of Financial Services Issues Coordinated Guidance on Frontier AI Cybersecurity Risks
On May 21, 2026, the New York State Department of Financial Services (“DFS”) issued two coordinated Industry Letters: a letter on Heightened Cybersecurity Risks Associated with Frontier AI Models (the “AI Advisory”) and accompanying Guidance on Measures Regulated Entities Should Consider in a Heightened Cybersecurity Threat Environment (the “Guidance,” and together, the “May 2026 Publications”). The AI Advisory builds on DFS’s October 2024 guidance on cybersecurity risks arising from AI, but is narrower in focus. Specifically, it addresses frontier models that may materially increase the speed and effectiveness of vulnerability discovery and exploitation.
Chambers 2026 Global Practice Guide for Artificial Intelligence
The Chambers 2026 Global Practice Guide for Artificial Intelligence provides the latest legal information on the rapidly evolving AI landscape, covering the commercial use of AI across key industries, AI-specific legislation and regulation, government and regulatory oversight, generative AI, agentic AI systems and autonomous decision-making, liability, procurement and supply chain accountability, employment, IP, data protection, antitrust, cybersecurity, ESG, and AI governance and compliance.
European Biotech Act I: Navigating the EDPB/EDPS Vision for the Future of Clinical Trials
On 12 March 2026, the European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) issued a Joint Opinion (the “Joint Opinion”) on the proposed European Biotech Act I (the “Biotech Act”). The Joint Opinion broadly supports the EU’s ambition to strengthen its biotechnology sector. However, it emphasises that data protection safeguards must be tightened, particularly where health data is involved. The recommendations signal forthcoming scrutiny during the legislative process and highlight key compliance considerations for organisations involved in clinical trials.
Chambers 2026 Global Practice Guide for Cybersecurity
The Chambers Global Practice Guide for Cybersecurity 2026 has been published. The guide provides the latest legal information on cybersecurity law and regulation, including in relation to critical infrastructure, financial sector operation resilience, cyber-resilience, and ICT certification. The guide also covers the intersection of cybersecurity with data protection law, developments in AI and healthcare regulation.
Regulatory Update: National Association of Insurance Commissioners Spring 2026 National Meeting
The National Association of Insurance Commissioners (NAIC) held its Spring 2026 National Meeting (Spring Meeting) March 22–25, 2026. This blog post summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Spring Meeting. Highlights include progress on addressing regulatory concerns related to indexed annuity illustrations, establishment of a new working group on market conduct modernization, exposure of a risk-based capital (RBC) adjustment framework for collateral loans, a Securities Valuation Office (SVO) report on resource strain caused by increased Private Letter Rating filings, multiple revisions to statements of statutory accounting principles (including guidance on sale-leasebacks, repurchase agreements and residential mortgage loans held in statutory trusts, and proposed disclosures for funding agreement-backed financing programs), and updates on the pilot phase of the AI Systems Evaluation Tool.
Generative AI in Discovery: Protective Orders as an Emerging Point of Dispute
As courts have begun addressing generative AI in the privilege and work product context, they are also confronting related disputes in the context of protective orders. Recent decisions Morgan v. V2X, Inc. and Jeffries v. Harcros Chemicals, Inc. show that disagreements about how protective orders should address the use of AI in discovery — issues previously handled through negotiation — now will be informed by guidance from the courts.
There’s a New Sheriff in Town — Texas as Privacy Regulator
For many years, the privacy community took the position that the state of California was the leading data privacy regulator. The state of New York, with its active cyber enforcement by the New York Department of Financial Services, was a close second. However, in the past two years, Texas has emerged not only as a significant privacy regulator but also as an aggressive enforcer of its laws.
The New Cyber Doctrine of the United States: The Trump Administration Issues Cyber Strategy and Executive Order Targeting Cybercrime
The New Cyber Doctrine of the United States: The Trump Administration Issues Cyber Strategy and Executive Order Targeting Cybercrime
On March 6, 2026, the Trump Administration released President Trump’s Cyber Strategy for America, and an Executive Order targeting cyber-enabled crime, fraud, and predatory schemes. Together these documents do more than merely outline the Administration’s response to cyber threats; they articulate a new cyber doctrine centered on imposing costs on adversaries and mobilizing both government and private-sector capabilities at scale.
Generative AI and Privilege: Practical Lessons from Two Early Decisions and What Comes Next
In February 2026, two federal courts drew national attention by addressing generative AI in the privilege context. At first glance, the decisions appear incongruent: one denied privilege where AI was used; the other upheld work product protection in a similar context. Yet neither decision announced a shift in privilege law. Each applied existing principles to new factual settings. The practical implications are straightforward: understand the confidentiality terms governing AI platforms, ensure appropriate attorney involvement where privilege is sought, and maintain disciplined policies around AI-assisted legal analysis.
UK Data Privacy and Cybersecurity Outlook for 2026: What Financial Services Firms Need To Know
Last year saw many developments across the international data privacy and cybersecurity landscape, and this momentum shows no sign of slowing.