2026 AGA Annual Meeting Wrap-Up: State AGs Focus on AI, Privacy, Pricing, Child Safety, and Public-Private Partnerships
The Attorney General Alliance (AGA) recently held its 2026 Annual Meeting in Sea Island, Georgia, bringing together state attorneys general, senior AG staff, corporate general counsel, and industry leaders for several days of panels, working sessions, and relationship building. The conference offered a window into the enforcement priorities that will shape the regulatory landscape for the rest of the year and beyond. The meeting made clear that AG enforcement is accelerating across AI, privacy, pricing, and child safety, and that the companies who build AG relationships before a crisis are the ones that fare best.
Sessions included The Deadly Deception of Counterfeit Drugs; Building Public-Private Partnerships to Protect Public Health and Safety; Mental Health Matters: Equipping Leaders to Make a Difference; Addressing the Rise of Illicit Substances and Related Criminal Markets; The Evolving Debate Over Prediction Platforms; Navigating a New Era in College Sports; and Financial Fraud in Focus.
We elaborate on some key sessions from the meeting below.
Opening Remarks: AGA Chair AG Raúl Torrez
New Mexico Attorney General Raúl Torrez set the tone for the conference with a call for bipartisan collaboration and good faith debate. AG Torrez emphasized that regardless of party or state size, AGs are in the “get stuff done business,” and that collaborative policy statements and court actions are intended to shape national policy. He framed AGs as public servants who can model constructive governance for other institutions and urged continued coordination on issues ranging from algorithmic pricing to children’s online safety. AG Torrez was then joined by Jim Steyer, CEO of Common Sense Media, to discuss this year’s Chair’s Initiative on Protecting Children from Online Exploitation and Human Trafficking.
A New Pricing Playbook: Driving Innovation, Balancing Transparency, and Serving Consumers
Connecticut AG William Tong moderated a panel on modern pricing, featuring multiple industry representatives and the National Retail Federation (NRF).
AG Tong framed the issue from the consumer perspective: consumers expect a clearly stated price, no hidden fees, and the ability to comparison shop. According to AG Tong, the challenge arises as pricing increasingly involves algorithms, machine learning, and consumer behavioral data. Overall, AG Tong focused on:
- Putting customers on notice through disclosures, even if imperfect;
- Ensuring data-driven pricing actually advantages consumers; and
- Ensuring data does not distort supply and demand and that prices are not increased based on a consumers’ ability to pay or necessity.
Key points from the discussion included:
A company representative noted that they are tracking 75 pricing-related bills; most have not advanced, but Connecticut passed a law and New York has a bill awaiting the governor’s signature. The representative emphasized that “algorithm” can mean a basic formula—like a chocolate chip cookie recipe—and that surveillance pricing raising concerns about race or health data is a fundamentally different question.
NRF pushed back on the “surveillance pricing” framing as a “bogeyman,” stating there is no evidence its members are fluctuating prices real time in stores because doing so would erode customer trust. NRF noted Connecticut’s law takes a more balanced approach: disclosure is required only if a price is increased based on individual data, not decreased.
NRF cautioned that mandatory disclosure of all pricing inputs could create a “black box” that confuses consumers and be collusive. An industry representative similarly warned that requiring companies to divulge how every price is derived could facilitate collusion and disadvantage smaller companies. AG Tong pushed back: “Who better to bear the risk—the retailer or the consumer?”
Affordability, loss leaders, loyalty programs, and discounts were discussed as areas where data legitimately advantages consumers, and where overbroad regulation could chill competitive behavior.
For more information on pricing legislation, including surveillance pricing, see our webinars on the topics here and blog posts here.
The GC & The AG: Building Relationships Before the Crisis
Arkansas AG Tim Griffin moderated a conversation with general counsel from a grocery store chain and ride share app. The overall message was businesses that build relationships with AG offices before there is a problem are the ones that navigate enforcement most successfully.
Key points from the panel included:
The grocery store representative noted that AG offices are increasingly active on M&A, organized retail crime, surveillance pricing, and grocery affordability—and that companies must understand these priorities and engage early. They explained that their company proactively educated AG offices on grocery pricing economics (roughly 2% margins).
The ride share company representative emphasized shared interests with AGs—clear rules, safe communities, information sharing—and highlighted partnerships on human trafficking (drivers recognizing signs), and relationship building through staff-level continuity.
AG Griffin noted that “99% of engagement should be relationship building.” According to him, if you call a GC only when there’s a problem, you’ve already lost.
Practical advice included that companies should engage at staff level (because staff outlast elected AGs), and finding organic partnership opportunities (ORC, human trafficking, drug takeback, gift card fraud, food pricing).
Data Privacy Enforcement: The Patchwork Is Real (But Not What You Think)
Moderated by Sharon Merriweather of the Maryland AG’s Office, this panel featured Delaware’s John Eakins and Andrew Kingman from Mariner Strategies and was one of the most substantive sessions of the conference for companies navigating state privacy compliance.
The panelists first overviewed the state of play for data privacy in the states, including that:
Vermont just signed the 23rd state comprehensive data privacy law. Twenty state laws are currently effective. Core definitions, consumer rights (access, delete, correct, opt out of sale/targeted advertising), sensitive data consent requirements, and the controller/processor framework are largely consistent—about 85% the same across the state laws.
No state has a private right of action. AGs are the primary enforcers. Cure periods have expired. Bipartisan coalitions are actively enforcing.
Delaware’s just-passed amendments (awaiting governor’s signature) include: explicit treatment of inferences as sensitive data even after collection, location data tied to sensitive locations (like abortion clinics) treated as sensitive, contracting and due diligence requirements for third-party disclosures, and a new impact assessment requirement for automated decision-making with discriminatory impacts.
The panelists then discussed enforcement trends and practical signals from the panel, including:
States have moved beyond reviewing privacy notices to examining actual data use and senior leadership involvement. Mr. Eakins said, “We ask for board minutes. Make sure your bosses know—when the states are looking, they want to know what management is doing.”
Multistate coordination is accelerating. A consortium of state privacy regulators plus the California Privacy Protection Agency (CPPA) has an MOU enabling information sharing. Delaware’s calendar is “80–90% multistate meetings.”
States report 99% cooperation from investigation targets. Companies with mature programs—those that can quickly explain what data they collect, how they use it, and who makes decisions—fare significantly better.
Expect settlements in both data security and privacy practices—under state privacy laws and UDAP statutes (including in states without comprehensive privacy laws).
Kingman emphasized that businesses want consistency and clarity, value consumer trust, and appreciate AG guidance on unique state standards.
***
In all, the 2026 AGA Annual Meeting reinforced several themes that companies should keep in mind going forward:
Multistate coordination is the norm, not the exception, and AGs are working together on privacy, pricing, AI, child safety, and financial fraud.
Companies that engage proactively—before enforcement—are the ones that navigate issues most successfully.
AI is simultaneously an enforcement target and an enforcement tool. AGs are using AI internally and regulating it externally.
Privacy enforcement is accelerating and board-level engagement with data practices is no longer optional according to state AGs.
The pricing debate is moving from theory to law. Companies using algorithmic pricing need a defensible story.
We will continue to monitor developments from the AGA and state AG enforcement trends.