In the Wild

“The system will be entirely opt-in, and there will be no centralized government-run database, which everyone is always concerned about,” Trump said. “People are very, very concerned about personal records. They want to keep them very quiet, and that’s their choice.”

Experts expressed concerns about privacy and security with the new initiative, saying the announcement didn’t provide many details regarding how patients would be able to access their medical histories in a way that will keep them private. In addition, easy availability of health records can sometimes conflict with laws that protect privacy like the Health Insurance Portability and Accountability Act.

Peter K. Jackson, a cybersecurity and privacy lawyer at Greenberg Glusker.

(Kanno-Youngs/Abelson, New York Times , 7/30; Bettelheim, Axios , 7/30)

President Donald Trump last week signed an executive order expanding his council on sports, fitness, and nutrition and bringing back the Presidential Fitness Test, which was first introduced by President Lyndon B. Johnson in 1966 and phased out more than a decade ago.

A Jeremiah figure among millennial and Gen X parents for his warnings of impending social media doom and ruin, Haidt didn’t mince words when forecasting the impact of the recent court cases.

“The world is changing its thinking about this,” Haidt said. “These verdicts coming when they do are going to shift it further.”

Attorney Mark Lanier and his team arrive to the Los Angeles County Superior Court during the recent civil trial over his client’s alleged social media addiction. (Kayla Bartkowski / Los Angeles Times) “The broader signal to the marketplace is that the shield is wearing thin,” said Peter Jackson , a privacy and cybersecurity attorney in Los Angeles.

A powerful 1996 law called Section 230 has long barricaded internet platforms against most civil liability. The L.A. case tested the argument that injuries arose not from content the apps hosted but design functions engineered for maximum engagement — even if, as Kaley G.M. alleged, those designs were known to carry risks for children.

This week’s wins could unleash a barrage of new lawsuits, even if the verdicts are overturned in the appellate courts, as the companies, their supporters, and many 1st Amendment experts expect.

“Fines like this are like affirmations for these big tech firms,” says Sree Sreenivasan, CEO of Digi Mentors. “It shows them they’re on the right track with all of this stuff.”

“A nine-figure fine sounds enormous until you realize the number looks like a rounding error on a quarterly earnings call,” adds Armstrong.

Peter Jackson, a cybersecurity and privacy attorney at Greenberg Glusker in Los Angeles, says most consumers have no idea how exposed they really are. 10 OpenAI banned Jesse Van Rootselaar’s account over disturbing messages before the shooter killed eight people in Tumbler Ridge, BC, Canada, — but the company did not alert police. via REUTERS “Consumers are under informed about what is happening with their information,” he says.

“Consumers are under informed about what is happening with their information,” he says. “[Privacy] disclosures are technically thorough and practically useless. Most people don’t really understand what any of it means.”

Jackson agrees that current penalties don’t meet the moment.

PETER K. JACKSON Attorney, Data Strategy & Privacy [email protected] | (310) 785-6803 GreenbergGlusker.com Data privacy risk is reaching critical mass in 2026 as “zombie” privacy claims, tougher state laws, and everyday AI use converge to create significant liability for companies.

Data privacy risk is reaching critical mass in 2026 as “zombie” privacy claims, tougher state laws, and everyday AI use converge to create significant liability for companies. Here are some of the top data privacy threats to be mindful of in 2026 and beyond.

“Zombie” laws that predate 21st-century statutes remain among the biggest privacy threats today. While only the government can enforce newer laws like the California Consumer Privacy Act (CCPA) and its peers, these zombie laws open up class-action lawsuits and fixed, per-person fines. Claims under laws like ‘60s-era California Invasion of Privacy Act (CIPA) argue that the common web tools on your website constitute surveillance devices or wiretap visitors.

WATCH: Is social media Big Tobacco 2.0? A look at the lawsuits against big tech over teens’ mental health.

A 20-year-old social media user sued Meta Platforms Inc. , Google LLC. , Snap Inc. , and TikTok Inc. , claiming the companies knowingly deployed addictive features she interacted with from a young age that led to her depression and self harm. At issue in the trial, brought under product liability law and currently underway in Los Angeles Superior Court, is whether the companies knew about the dangerous effects of their products and failed to warn consumers. Snap and TikTok settled outside of court before the trial. Snap declined to comment and TikTok did not respond to a request for comment.

“It’s an overdue reckoning,” said Peter Jackson, attorney at Greenberg Glusker LLP.

Meta and Google have maintained in court that their products weren’t built to hook children and that they already have settings and safeguards in place to protect young users.

“The question for the jury in Los Angeles is whether Instagram was a substantial factor in the plaintiff’s mental health struggles,” Liza Crenshaw, a spokesperson for Meta, wrote in an email. “The evidence will show she faced many significant, difficult challenges well before she ever used social media.”

“It’s kind of the path of least resistance, and that will be at least a starting point as to where health systems will go,” Holland & Knight’s Silverboard said.

Although AI tools offered by EHR firms could be enticing, that doesn’t necessarily spell doom for smaller vendors in 2026, experts say. Even large EHR vendors can only focus on so many different products, Kumar said. An EHR firm might want to offer a scribe, revenue cycle management tools and scheduling, but they might only be able to invest in a handful of products.

Smaller AI startups also might be more willing to work with healthcare organizations to tailor their offerings toward their specific needs, said Peter Jackson, counsel at law firm Greenberg Glusker.

“New entrants are more willing to do customizations, work more directly with clients,” he said. “The legacy providers don’t do that. They provide a one-size-fits-all solution for everybody, for the most part.”

AI startups received a significant share of overall digital health funding last year, and the technology could make up an even larger portion of investment in 2026, experts say.

Peter Jackson, cybersecurity and privacy attorney at Greenberg Glusker, agreed — and tells TechCrunch that the language around “one-sided transcripts” sounds like it could be a backdoor way of saying that Neon records users’ calls in their entirety but may just remove what the other party said from the final transcript.

Peter Jackson, a cybersecurity and privacy attorney at law firm Greenberg Glusker, said the states’ accusations against Temu, “are broadly similar to the national-security concerns advanced by the federal government to coax Congress to pass the legislation that banned TikTok.”

Instead of new contract requirements, Trump directed NIST to set up an industry consortium by Aug. 1. The consortium will help NIST develop guidance that “demonstrates the implementation of secure software development, security, and operations practices” in the SSDF.

In a blog , lawyers with WilmerHale wrote the change “appears intended to put industry more in the lead in developing software validation practices rather than the federal government.”

Peter Jackson, counsel in Los Angeles law firm Greenberg Glusker, said Trump’s EO “severs the effort to force developers to show that the software they provide to the government has security and integrity.”

“While developers will still certify under a souped-up standard, some software will still be delivered with the kinds of low-hanging flaws and errors the attestation process might have caught,” Jackson said in an emailed statement.

The Biden administration’s first cybersecurity executive order — which Trump didn’t change — initiated the push to establish governmentwide software security standards in the wake of the 2020 SolarWinds cyber attack.

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world

Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world

Photographer: Jasper Juinen/Bloomberg via Getty Images Related Stories Cars’ Biometric Features Must Evolve to Ease Privacy Concerns Sept. 19, 2024, 8:30 AM UTC Search by Law Firm Greenberg Glusker Search by Topic settlements behavioral advertising connected vehicle technologies mobile devices Greenberg Glusker’s Peter Jackson examines the California Privacy Protection Agency’s enforcement action on connected cars and how it opens up privacy concerns.

Honda Motor Co.‘s $632,500 privacy deal suggests steeper fines are coming for “connected” carmakers. Few were surprised an automaker like Honda would become the first business to settle a claim with California’s privacy watchdog.

The California Privacy Protection Agency first hinted at a “connected vehicles” investigation in July 2023, the same month its enforcement authority began. The surprise? Honda’s cars had nothing to do with it.

The DoJ hasn’t publicly said why it’s interested in the work of DoubleVerify or IAS, and its press team didn’t respond to a request for comment. But given the conversations were “spurred,” by an August report from Adalytics that alleged recruitment ads for the U.S. Navy and National Guard were running on sanctioned Russian and Iranian websites, it’s likely that the DoJ’s lines of questioning were focused on the US government’s own $1.8 billion annual ad spend.

The DoJ’s queries were “hard to ignore,” Tasik said in an email.

Media lawyer Peter Jackson, a counsel at law firm Greenberg Glusker, told Digiday: “From the reporting, the inquiry seems to stem from the government’s own interest in ensuring its ads don’t run against objectionable content, as opposed to a broader inquiry into these services as a whole.” A spokesperson for DoubleVerify confirmed that the firm had not been approached by the DoJ.

A spokesperson for DoubleVerify confirmed that the firm had not been approached by the DoJ. “We maintain close, trusted and transparent relationships with our customers on brand safety and suitability,” they said in an email. IAS did not respond to requests for comment by the time of publication.

Nonetheless, it’s clear that some of these relationships – and others across the industry – are undergoing a reassessment.

The tech giant’s privacy initiative had already faced hurdles in the European Union. In June, noyb—European Center for Digital Rights, one of the EU’s leading privacy advocacy groups, filed a complaint against Google with the Austrian data protection authority over the Privacy Sandbox. The complaint said Google doesn’t obtain valid user consent, and instead tricks users to opt into a so-called “ad privacy feature” which actually turns on the browser’s own internal tracking.

“Google has simply lied to its users,” Max Schrems, honorary chairman and founder of noyb said in a statement. “People thought they were agreeing to a privacy feature, but were tricked into accepting Google’s first-party ad tracking. Consent has to be informed, transparent and fair to be legal. Google has done the exact opposite.”

Peter K. Jackson , counsel at Greenberg Glusker Fields Claman & Machtinger LLP, where he advises clients on technology-related operations.

“I don’t think that the story’s over by any stretch of the imagination, because I don’t think we’ve actually seen a fulsome response from the Competition and Markets Authority about its views on whether this should be over,” Jackson said.

Google’s Privacy Sandbox seeks to rely on what the provider says are a variety of new techniques to enhance users’ privacy online.