The Top Ten US Data Privacy Developments from 2025

Staff Editor 2026-01-28
The Top Ten US Data Privacy Developments from 2025

The Top Ten US Data Privacy Developments from 2025

https://www.wilmerhale.com/en/insights/blogs/wilmerhale-privacy-and-cybersecurity-law/20260128-year-in-review-the-top-ten-us-data-privacy-developments-from-2025

Publish Date: 2026-01-28 15:16:00

Source Domain: www.wilmerhale.com

2025 marked another year of significant legislative and regulatory advances at the federal and state levels for data privacy and security, in ways that were both expected and unexpected. As was anticipated, a new administration meant a shift in enforcement priorities for some federal agencies, including for the Federal Trade Commission (FTC). Compared to the last administration’s flurry of enforcement actions based on aggressive interpretations of “unfair” trade practices, the current FTC appears to be more concerned with a much narrower range of issues, focusing on the privacy and safety of children and teens online, as well as data security more generally. Other agencies that focused on privacy issues during the last administration (such as the Consumer Financial Protection Bureau) were also less active in privacy issues more generally in the past year. As has been the norm over the past few years, Congress kicked the tires on a few privacy proposals last year, but none gained meaningful traction.

While no federal privacy legislation emerged, there was a critical new federal development with the finalization of the Department of Justice’s Data Security Program (DSP). This regulatory framework, which targets cross-border transfers of bulk US sensitive personal data and US government-related data to certain “countries of concern,” interconnects data protection and national security concerns and has broad applicability based on how its relevant terms are defined (and does not have the same exemptions that are typically included in other data protection laws). Enforcement of the DSP will be an area of focus for companies in 2026 and beyond, especially given that the DSP comes with steep civil penalties and even potential criminal liability.

States did fill most of the enforcement gap left at the federal level, with California and Texas leading as the prominent regulators in the privacy and cybersecurity landscape. While it was somewhat…

Source

More Stories

Mountain Rides resolves cybersecurity threat | Transportation

Mountain Rides resolves cybersecurity threat | Transportation

Staff Editor 2026-06-05
NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

NICC offers new computing and cybersecurity program for high school students | 97 Seven Country WGLR – The Tri-States Best Variety of Country

Staff Editor 2026-06-05
Ashley Devoto Named Air Force CIO

Ashley Devoto Named Air Force CIO

Staff Editor 2026-06-05

Terms and Conditions - Privacy Policy