Privacy & Information Security Law Blog

Salesforce recently modified its Slack API Terms of Service to prohibit the bulk exporting or copying of Slack data, or the use of Slack data in connection with LLMs, potentially posing significant changes to the way organizations may use Slack.  

On July 25, 2025, the UK government published guidance outlining the key stages for bringing the provisions of the UK Data (Use and Access) Act into effect.

On July 18, 2025, the Cybersecurity Administration of China issued a notice on how to comply with personal information protection officer reporting requirements under existing Chinese data protection law.

On July 8, 2025, Nebraska Attorney General Mike Hilgers announced that the AG’s office is suing General Motors LLC and its subsidiary OnStar LLC over violations of Nebraska’s consumer protection laws.

On June 27, 2025, the Amendment of the Anti-unfair Competition Law of PRC was published.  The AUCL will take effect on October 15, 2025.

On July 24, 2025, the California Privacy Protection Agency finalized CCPA regulations on automated decision-making technology, risk assessments and cybersecurity audits.

On July 23, 2025, the Trump Administration published an AI Action Plan and three Executive Orders on AI.

On July 22, 2025, the European Commission announced the launch of the process to adopt new adequacy decisions for the UK following the European Commission’s assessment of the recently passed UK Data (Use and Access) Act 2025.

On July 14, 2025, the European Commission published guidelines on the protection of minors under the Digital Services Act aimed at safeguarding minors in the digital environment.

Texas recently enacted a law requiring electronic health records to be physically stored in the U.S., among other requirements.