With federal enforcement receding in key areas, state attorneys general (AGs) are pursuing aggressive investigations and enforcement actions, asserting themselves as key regulators and enforcers across a wide range of industries. This shift is increasing investigation and litigation risks around consumer protection, antitrust, and privacy, among other areas, creating a complex regulatory environment for businesses.

This webinar offered an analysis of current trends in key areas, including the latest investigation and enforcement activity. Our panelists, many with former government backgrounds, provided informed insights on the unique aspects of AG activity and offer practical strategies for navigating inquiries and mitigating risk.

Top takeaways included: 

1. State AGs are driving aggressive enforcement nationwide. Enforcement has expanded beyond traditional consumer protection and antitrust to include privacy, artificial intelligence (AI), environmental claims, and financial services practices. Democratic leaning states have emphasized environmental claims and financial services abuses, while Republican leaning states have focused on cultural issues and cross-border healthcare.
2. A surge of state privacy and AI laws creates a compliance patchwork. In 2025 alone, eight new state data privacy laws took effect, and over a dozen states now have comprehensive privacy statutes. Colorado’s AI law, effective June 2026, imposes duties to prevent algorithmic discrimination, while Texas’ AI law takes effect January 1, 2026, with safe harbors and an innovation-friendly approach. And, as noted might happen, the Trump administration has now weighed in with an executive order attempting to limit the impact of state-level AI laws.
3. Outside counsel and billion-dollar settlements are reshaping enforcement. States increasingly hire private plaintiffs’ firms on contingency, as seen in Texas’ $1.5 billion settlements with global technology and social media companies. This trend increases litigation aggressiveness and expands AG capacity.
4. California and New York lead in privacy and antitrust actions. California has enforced privacy opt-outs, algorithmic pricing, and healthcare fraud, while New York has pursued data breach settlements and antitrust cases against rental platforms. Both states have been actively litigating against federal rollbacks and defending state regulatory authority.
5. Procedural trends signal higher risk for businesses. AG offices are better staffed, more sophisticated, and increasingly use their own forensic investigations. Cure periods in privacy laws are disappearing, and enforcement often applies nationwide based on state resident impact.
6. Proactive engagement and compliance refresh are critical. Companies should update compliance programs for privacy, cybersecurity, and subscription practices, monitor complaint channels, and engage early with AGs to narrow investigative scope. Building rapport and clarifying technical issues can potentially help resolve matters quickly. Finally, of course, using experienced counsel is critical for engaging with AGs.

McDermott Will & Schulte’s Enforcement Outlook webinar series is designed to keep you up to date on the enforcement trends that might impact your organization’s compliance strategy. For more materials related to past episodes, visit our Enforcement Outlook series hub.