Key point: The final law is much narrower than when the bill was first introduced and applies only to food retailers and third-party food delivery services.
On April 28, 2026, Maryland Governor Wes Moore signed the Protection From Predatory Pricing Act (HB 895) into law. The law regulates
On April 13, 2026, Virginia Governor Abigail Spanberger signed SB338 into law, amending Virginia’s Consumer Data Protection Act (VCDPA) to prohibit controllers of personal data from selling consumers’ precise geolocation data. This ban, which takes effect on July 1, 2026, makes Virginia the third state in recent years to prohibit the sale of such data and reflects a trend that is likely to continue. Somewhat surprisingly, Virginia was the second state, behind California, to enact a comprehensive consumer privacy law and is continuing within that vein with this early expansion of privacy rights.
Key point: In a court filing, the Colorado attorney general states it will only enforce the law after the office finishes rulemaking on the existing law or any law the Colorado legislature passes this year amending or replacing the law.
In early April, a lawsuit was filed against the state
Key point: Bills advanced last week in Connecticut, Colorado, and California while Florida lawmakers will return for a special session this week and consider an AI Bill of Rights.
Below is the fifteenth update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.
Key point: Connecticut’s Senate passed a bill to amend the state’s consumer data privacy law and create a new data broker registration law while bills advanced in California, Colorado, Delaware, and Louisianna.
Below is the fifteenth update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, kid’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.
With the influx of new state AI laws making compliance more complicated, we have created a new state AI law tracker map.
The map focuses on laws that can directly or indirectly affect private-sector AI development and deployment. As such, the map tracks the AI laws most likely to
Key point: The amendment significantly expands the existing law’s applicability, redefines “covered design feature,” creates two new prohibitions, and adds a new deletion right.
On April 17, 2026, Nebraska Governor Jim Pillen signed LB 838 into law. The omnibus bill addresses several different topics but, as is relevant here, it amends Nebraska’s Age-Appropriate Online Design Code Act, Neb. Rev. Stats. § 87-1301, et seq, which only went into effect on January 1, 2026. We provided an overview of the existing law here. The amendment goes into effect three months after the legislature’s April 17 adjournment date, on July 17, 2026.
The article below provides a summary of the changes.
Key point: Nebraska (chatbot) and Maine (health) enacted laws last week, while more than a dozen bills advanced in other states.
Below is the 14th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.
Key point: Alabama became the 21st state to enact a broader consumer data privacy law, Kentucky and Virginia finalized amendments to their consumer data privacy laws, and Nebraska amended its Age-Appropriate Design Code Act.
Below is the 14th update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.
Key point: Legislatures in Nebraska (chatbot bill), Maryland (pricing), and Maine (health) passed AI bills last week.
Below is the 13th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.