New York Senate Internet Committee Chair Kristen Gonzalez (D) Thursday reintroduced the New York Privacy Act (S-3044) that Sen. Kevin Thomas (D) proposed last year. Thomas departed the legislature at the end of 2024.
A federal district court judge seemed skeptical of several tech industry arguments against California’s 2022 Age-Appropriate Design Code Act at oral argument Thursday. However, U.S. District Court for the Northern District of California Judge Beth Freeman also asked if she should wait for the U.S. Supreme Court to possibly rule on age-verification mandates in Free Speech Coalition v. Paxton.
New York state health data privacy legislation could soon hit the governor’s desk after the Assembly and Senate quickly passed bills this week. Despite Republican opposition on the Assembly floor Wednesday, members voted 95-41 to pass S-929, the Senate version that was substituted forA-2141. The effectively same bills have been compared to Washington state’s My Health My Data law. The Senate passed S-929 on Tuesday after bypassing its committee process (see 2501210068). Republicans and the Computer & Communications Industry Association (CCIA) raised concerns with the legislation, which is supported by the American Civil Liberties Union (ACLU).
The New York Senate voted 49-10 Tuesday to approve a sweeping health privacy bill (S-929) similar to Washington state’s My Health My Data law.
The early weeks of January have brought a blizzard of state bills focused on protecting kids online, including requiring age verification on porn and social media websites. Some industry groups have long raised privacy concerns with such mandates, arguing they could require that users submit sensitive information confirming their age or parental status to consent to a child’s access.
State privacy officials in Delaware and New Hampshire aren’t intentionally looking to catch businesses breaking rules, they told an International Association of Privacy Professionals webinar Wednesday. Both states’ privacy laws took effect Jan. 1 (see 2501060066).
New Jersey’s privacy law took effect Wednesday. It’s the 14th of 20 states with enforceable privacy laws and the fifth comprehensive state law to take effect this month, increasing companies’ risk (see 2501060066).
A kids social media bill requiring age verification cleared the Indiana Senate Judiciary Committee with an amendment in a 10-1 vote at a livestreamed hearing Wednesday. The bill would prohibit kids 15 years old and younger from accessing social media unless they have parental permission.
The California Privacy Protection Agency lacks authority to regulate AI, business groups protested during a partially virtual CPPA hearing Tuesday. They urged that the agency pump the breaks on proposed rules for automated decision-making technology (ADMT) and other changes to privacy regulations under the California Consumer Protection Act (CCPA). However, workers’ rights groups and consumer privacy organizations urged that it proceed with increasing privacy rules.
Colorado will step in if the federal government pulls back on privacy enforcement under the second Trump administration, the state’s AG Phil Weiser (D) told Privacy Daily. In an interview, he said privacy will continue to be a priority for the state in 2025, with Weiser hoping to raise awareness with businesses and consumers about their duties and rights under the Colorado Privacy Act (CPA).