State Legislation

Subscribe to State Legislation via RSS
Nebraska State Flag, United States, 3D Render

Key point: The amendment significantly expands the existing law’s applicability, redefines “covered design feature,” creates two new prohibitions, and adds a new deletion right.

On April 17, 2026, Nebraska Governor Jim Pillen signed LB 838 into law. The omnibus bill addresses several different topics but, as is relevant here, it amends Nebraska’s Age-Appropriate Online Design Code Act, Neb. Rev. Stats. § 87-1301, et seq, which only went into effect on January 1, 2026. We provided an overview of the existing law here. The amendment goes into effect three months after the legislature’s April 17 adjournment date, on July 17, 2026.

The article below provides a summary of the changes.

Key point: Nebraska (chatbot) and Maine (health) enacted laws last week, while more than a dozen bills advanced in other states.

Below is the 14th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.

Key point: Alabama became the 21st state to enact a broader consumer data privacy law, Kentucky and Virginia finalized amendments to their consumer data privacy laws, and Nebraska amended its Age-Appropriate Design Code Act.

Below is the 14th update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.

Key point: Legislatures in Nebraska (chatbot bill), Maryland (pricing), and Maine (health) passed AI bills last week.

Below is the 13th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.

Key point: Last week, Alabama’s legislature passed a consumer data privacy bill.

Below is the 13th update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.

Michigan State Flag. Waving Fabric Satin Texture National Flag of Michigan 3D Illustration. Real Texture Flag of the State of Michigan in the United States of America. USA. High Detailed Flag

A federal court in Michigan significantly narrowed Michigan Attorney General (AG) Dana Nessel’s privacy and consumer protection case against Roku, Inc. (Roku) dismissing all non-Children’s Online Privacy Protection Act (COPPA) claims for lack of standing while allowing the state’s privacy claims under COPPA to proceed. The decision highlights COPPA’s utility as a vehicle for state AGs to bring enforcement actions in federal court, while also underscoring the jurisdictional limits on bringing companion state privacy and consumer protection claims in the same forum.

Key point: Last week, chatbot bills were signed into law in Oregon and Idaho, while a health care-related AI bill was signed into law in Tennessee.

Below is the 12th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.

Key point: Last week, Maine’s consumer data privacy bill stalled in the House, while Kentucky’s legislature passed a bill to amend the commonwealth’s consumer data privacy law.

Below is the 12th update on the status of proposed state privacy legislation in 2026. This post covers updates on proposed bills dealing with consumer data privacy, children’s privacy, biometric privacy, data brokers, and consumer health data privacy. As always, the contents provided below are time-sensitive and subject to change.

US state flag of Tennessee

Key point: Tennessee’s new law prohibits parties that develop or deploy AI systems from advertising or representing to the public that the AI systems can act as a qualified mental health professional. 

On April 1, 2026, Tennessee Governor Bill Lee signed SB 1580 into law, and it will go into effect on July 1, 2026. The new law is short — less than one page — but has potentially significant consequences given that it includes a private right of action.

In the following post, we provide an overview of the new law.

Key point: Last week, four bills were signed into law in three states, two state legislatures passed chatbot bills, and eight bills crossed chambers.

Below is the 11th update on the status of proposed state AI legislation in 2026. These posts track state AI bills that can directly or indirectly affect private-sector AI developers and deployers. These posts do not track AI bills that focus on government use of AI; insurance; workgroups; education; legal settings; name, image, and likeness; deepfakes; CSAM and sexual material; and election interference. As always, the contents provided below are time-sensitive and subject to change.