• |

    Jun. 17, 2026

Colorado and Connecticut AI Laws: Preparing to Comply

New AI laws in Colorado and Connecticut have added to the patchwork of decision-making tool regulations across the U.S. Covered companies need to prepare now to adjust their compliance programs and procedures to address the laws’ requirements, which impact operators of certain automated decision-making technology and AI decision-making tools, AI companions, frontier developers and producers of synthetic content. This second article in a two-part series, with insights from Ballard Spahr, DLA Piper, Fisher Phillips, Holland & Knight and the senator who sponsored the Connecticut law, provides compliance tips for companies seeking to prepare for the new laws and examines what anticipated enforcement may look like. Part one distilled and analyzed the laws’ key provisions. See “Updating Compliance Programs to Address the CPPA’s Regulations on ADMT and Risk Assessments” (Sep. 17, 2025).

GM Settlement Offers Privacy Lessons Relevant Beyond the Auto Sector

California’s $12.75‑million settlement (Settlement) with General Motors (GM) highlights growing regulatory scrutiny of how companies collect, use, and share sensitive location and behavioral data. Stemming from alleged privacy violations tied to GM’s OnStar service, the case emphasizes consent, purpose limitation, data minimization and de‑identification as enforcement priorities. This article outlines the Settlement’s key terms, enforcement trends and practical compliance takeaways, with insights from specialists at Baker Botts, Franfurt Kurnit and Greenberg Traurig. See our four-part series on connected cars: “Connected Cars: FTC GM Settlement Anchors Regulatory Focus” (Mar. 11, 2026), “The Legal Landscape” (Mar. 25, 2026), “Privacy Compliance Guidance” (Apr. 8, 2026), and “Addressing Cybersecurity Issues” (Apr. 22, 2026).

Crime‑Fraud Exception: How the KKR Investigation Reshapes the Attorney‑Client Privilege

A recent federal court ruling underscores that attorney-client privilege can be pierced under the crime-fraud exception where there is evidence that otherwise protected communications or work product were used to further or conceal misconduct. In connection with an ongoing criminal litigation, highlighting the risks posed by such a scenario, the U.S. District Court for the District of Columbia ordered private equity firm KKR to produce to the DOJ otherwise privileged communications between the firm and its lawyers at Kirkland & Ellis. In this guest article, Olshan Frome Wolosky partner Derrelle Janey details relevant elements of the ongoing KKR investigation, the operative tenets of the crime-fraud exception to the attorney-client privilege, and the potential implications of the court order for M&A due diligence, corporate governance, regulatory compliance and fiduciary obligation management. See “Understanding the Fiduciary Exception to Attorney-Client Privilege” (Oct. 4, 2023).

Most-Read Articles