The California Privacy Protection Agency lacks authority to regulate AI, business groups protested during a partially virtual CPPA hearing Tuesday. They urged that the agency pump the breaks on proposed rules for automated decision-making technology (ADMT) and other changes to privacy regulations under the California Consumer Protection Act (CCPA). However, workers’ rights groups and consumer privacy organizations urged that it proceed with increasing privacy rules.
Colorado will step in if the federal government pulls back on privacy enforcement under the second Trump administration, the state’s AG Phil Weiser (D) told Privacy Daily. In an interview, he said privacy will continue to be a priority for the state in 2025, with Weiser hoping to raise awareness with businesses and consumers about their duties and rights under the Colorado Privacy Act (CPA).
New-for-2025 comprehensive privacy bills appeared in Illinois and Oklahoma this week. In Illinois, state Sen. Sue Rezin's (R) proposed measure seems based on California’s law. The Oklahoma proposal, from Sen. Brent Howard (R), takes a Virginia-style approach. Privacy Daily is tracking comprehensive bills in at least five states.
"With the passage of time and the exponential growth of generative AI,” it’s time to update Virginia’s 2021 privacy law “to keep pace with current technological advances,” Del. Michelle Maldonado (D) said in an emailed statement Friday.
Indiana state Sen. Mike Bohacek (R) is cutting “about two-thirds” of a social media bill requiring age verification to address concerns with the measure (SB-11), he said at a Senate Judiciary hearing Wednesday evening.
The second U.S. state privacy law could be updated this year. Virginia’s legislative session opened Wednesday with a bill by Del. Michelle Maldonado (D) that would add protections for teens, include support for universal opt-out mechanisms and revise other parts of the 2021 Virginia Consumer Data Protection Act. Maldonado's measure would also add an AI section called the "Artificial Intelligence Training Data Transparency Act,” which includes a private right of action.
A Texas bill covering smart devices aims to show “people in real-time on their personal devices what data is being collected and by whom and also gives them the ability to stop the data collection,” state Sen. Bryan Hughes (R) said in an emailed statement Wednesday.
New York state legislators opened their 2025 session Wednesday, introducing comprehensive and healthcare-focused privacy bills, among other measures related to consumer data. Assemblymember Nily Rozic (D) offered the 2025 version of the New York Privacy Act. However, some of it is "not aligned with other comprehensive privacy laws,” which could make compliance a challenge for businesses, warned Hinshaw & Culbertson privacy attorney Cathy Mulrow-Peattie in an email Wednesday.
A reintroduced Connecticut AI bill aims to build on the state’s 2022 comprehensive privacy law, state Sen. James Maroney (D), the privacy law’s author, said in an interview. Maroney’s second attempt at establishing AI requirements will be a priority bill for majority Democrats in the Connecticut Senate next year, Maroney, Senate President Pro Tempore Martin Looney and Majority Leader Bob Duff said in a joint announcement last month.
A comprehensive New York bill to regulate AI surfaced ahead of the state’s legislative session that opens Wednesday. The Assembly referred A-768 by Assemblymember Alex Bores (D) to the Consumer Affairs and Protection Committee.