NAAG Eastern Region 2025: State AGs Focus on Artificial Intelligence and Environmental Enforcement
Client Alert | September 22, 2025
The National Association of Attorneys General (NAAG) 2025 Eastern Region Meeting brought together attorneys general and staff throughout the Northeast and beyond, along with law enforcement and policy leaders. The agenda centered on public safety and violence prevention, but the key discussions for businesses focused on artificial intelligence (AI) and environmental enforcement. Regulators emphasized that there are plenty of existing legal authorities—consumer protection statutes, environmental regulations, common law theories, and state privacy laws—to enable them to address emerging challenges even without new regulation. Regulators from several key states further indicated how they are likely to interpret these existing statutory tools in evolving contexts and identified key areas of enforcement focus.
ARTIFICIAL INTELLIGENCE ENFORCEMENT
The AI panel included perspectives from Kashif Chand, an Assistant Attorney General at the New Jersey Attorney General’s Office and Dave Cole, New Jersey’s Chief Innovation Officer. The panelists were aligned on the near-term use of existing state consumer protection and privacy frameworks to address AI-related conduct.
Using Current Law to Regulate AI
Kashif Chand spoke about the suite of laws that New Jersey currently uses to regulate AI, from the longstanding state Consumer Fraud Act (CFA) to the more recent New Jersey Data Protection Act (NJDPA), which took effect in January. Chand considers New Jersey’s CFA to be among the strongest laws of its kind in the country, empowering the Attorney General to regulate misrepresentations and deceptive advertising, including in cases where deception arises from failing to disclose that a consumer is interacting with an AI system or relying on an AI output.
Chand also considers certain requirements in the NJDPA—especially the requirements to disclose the purposes of processing and to conduct risk assessments—to function as AI regulation. This is consistent with the approach taken in sections of the draft NJ privacy regulations released in June, which provide that businesses must disclose the “purposes for processing personal data” in order to “give consumers a meaningful understanding of how each category of personal data is used,” such as “targeted advertising,” “credit profiling,” or “AI modeling.” N.J.A.C. 13:45L-2.2(a)(2).
Chand’s remarks, in combination with the draft regulations, suggest that the New Jersey Attorney General may interpret the NJDPA as requiring AI-specific disclosures when businesses use consumers’ personal data to train or otherwise develop AI.
Bias, Sycophancy, and Continuous Testing
Speakers flagged the risk of “sycophancy,” or AI systems that aim to please the user rather than provide accurate results, while noting that it may be an inherent risk due to the open-ended nature of training. Panelists acknowledged the importance of consumer controls (such as opt-outs), but at least one panelist raised a potential consumer protection tension because opt-outs may increase the risk of skewed data sets based on the types of individuals who are likely to opt out. The panelists were in agreement about the public-interest value of responsibly using certain sensitive data (for example, health-related applications).
To counter inherent risks, Chand emphasized that continuous testing across the model lifecycle is necessary for surfacing issues before they result in public harm.
Transparency and Regulator Engagement
The panelists spoke about the role of transparency and open communication before and during investigations. Chand explained that transparency is important, and he distinguished between companies that make good-faith efforts to educate regulators on their processes and companies that give one-line answers to questions. Dave Cole likewise resisted suggestions that companies should be afraid of sharing complex data or technical processes with regulators due to the risk of data breaches, noting that state regulators now have access to secure review options and, as a result, will still expect access to proprietary materials in AI-focused investigations.
ENVIRONMENTAL ENFORCEMENT
Panelists framed environmental enforcement as both a public health and consumer protection priority. Businesses can expect continued multistate coordination, reliance on laws beyond traditional environmental statutes, and a focus on enforcement in communities that have historically faced higher pollution levels.
Legacy Contamination
Panelists discussed how large settlements related to environmental issues can result in both cleanup and deterrence. Speakers cited significant recoveries and active litigation intended to fund drinking water protection and site remediation, and noted that these actions frequently pair environmental statutes with broader consumer-protection and common-law claims.
Participants also explained that enforcement priorities are often state-specific. Maine, for example, focuses on preservation to ensure that its seafood, hunting, guiding, and timber economies remain viable, whereas Ohio’s enforcement priorities often focus on noncompliant industrial actors or out-of-state pollution carried in via the Ohio River.
Environmental Justice in the Permitting Process
New Jersey Executive Assistant Attorney General Angela Cai spoke about the state’s Environmental Justice Law (EJ Law), enacted in 2020, which requires, as part of the permitting process, enhanced community input and stricter review for certain facilities in low-income or minority communities. Cai said that although New Jersey’s pollution enforcement (on the order of 75 cases a year) is statewide, regulators pay special attention to communities that the EJ Law identifies as “overburdened” because they have historically suffered from disproportionate pollution.
LOOKING AHEAD
Taken together, the sessions suggest that environmental matters and AI-related issues will remain near-term enforcement priorities for state regulators. Businesses should expect that state regulators will continue to apply established consumer protection, environmental, and privacy laws to address new and evolving challenges—sometimes in novel ways.
Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s State Attorneys General (AG) Task Force:
State Attorneys General (AG) Task Force:
Artificial Intelligence:
Keith Enright – Palo Alto (+1 650.849.5386, kenright@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)
Antitrust & Competition:
Eric J. Stock – New York (+1 212.351.2301, estock@gibsondunn.com)
Climate Change & Environmental:
Rachel Levick – Washington, D.C. (+1 202.887.3574, rlevick@gibsondunn.com)
Consumer Litigation & Products Liability:
Christopher Chorba – Los Angeles (+1 213.229.7396, cchorba@gibsondunn.com)
Consumer Protection:
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, geyler@gibsondunn.com)
Natalie J. Hausknecht – Denver (+1 303.298.5783, nhausknecht@gibsondunn.com)
Ashley Rogers – Dallas (+1 214.698.3316, arogers@gibsondunn.com)
DEI & ESG:
Stuart F. Delery – Washington, D.C. (+1 202.955.8515,sdelery@gibsondunn.com)
Mylan L. Denerstein – New York (+1 212.351.3850, mdenerstein@gibsondunn.com)
False Claims Act & Government Fraud:
Winston Y. Chan – San Francisco (+1 415.393.8362, wchan@gibsondunn.com)
Jonathan M. Phillips – Washington, D.C. (+1 202.887.3546, jphillips@gibsondunn.com)
Jake M. Shields – Washington, D.C. (+1 202.955.8201, jmshields@gibsondunn.com)
James L. Zelenay Jr. – Los Angeles (+1 213.229.7449, jzelenay@gibsondunn.com)
Labor & Employment:
Jason C. Schwartz – Washington, D.C. (+1 202.955.8242, jschwartz@gibsondunn.com)
Katherine V.A. Smith – Los Angeles (+1 213.229.7107, ksmith@gibsondunn.com)
Privacy & Cybersecurity:
Ryan T. Bergsieker – Denver (+1 303.298.5774, rbergsieker@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Securities Enforcement:
Osman Nawaz – New York (+1 212.351.3940, onawaz@gibsondunn.com)
Tina Samanta – New York (+1 212.351.2469, tsamanta@gibsondunn.com)
David Woodcock – Dallas (+1 214.698.3211, dwoodcock@gibsondunn.com)
Lauren Cook Jackson – Washington, D.C. (+1 202.955.8293, ljackson@gibsondunn.com)
Tech & Innovation:
Ashlie Beringer – Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)
White Collar & Litigation:
Collin Cox – Houston (+1 346.718.6604,ccox@gibsondunn.com)
Trey Cox – Dallas (+1 214.698.3256,tcox@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Allyson N. Ho – Dallas (+1 214.698.3233,aho@gibsondunn.com)
Poonam G. Kumar – Los Angeles (+1 213.229.7554, pkumar@gibsondunn.com)
© 2025 Gibson, Dunn & Crutcher LLP. All rights reserved. For contact and other information, please visit us at www.gibsondunn.com.
Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.