HIPAA isn’t enough to protect the privacy of consumer health information in the digital age, the Electronic Privacy Information Center said in a report released Wednesday. Requiring a strong data minimization standard may be the best solution, EPIC said. “We face a health data privacy crisis caused by unregulated digital technologies, weak privacy laws and the criminalization of many forms of health care,” Sara Geoghegan, EPIC senior counsel, said during a Wednesday webinar about the report.
Passing restrictions on so-called surveillance pricing will be a legislative priority for Maryland Gov. Wes Moore (D) this year, the governor’s office said Tuesday. Moore will back legislation called the Protection from Predatory Pricing Act, which would prohibit “dynamic pricing and the use of surveillance data to inform individualized pricing in Maryland grocery stores -- shielding Marylanders from invasive data practices and unpredictable price spikes that make their grocery bills more expensive,” his office added.
National industry groups pushed back against data broker registration bills in two states at legislative hearings this week. The opposition appeared to be successful in New Hampshire, where the House Judiciary Committee voted 15-0 Wednesday on a motion to deem HB-1694 “inexpedient to legislate.” A day earlier, TechNet and other business groups raised concerns about Washington state’s similar HB-2483 at a House Consumer Protection Committee hearing, but that panel didn’t vote.
New Jersey Gov. Phil Murphy (D) signed an amendment to the state’s comprehensive privacy law (A-5017), while killing an immigration privacy bill (A-6309), before leaving the governor’s mansion, the governor’s office said Tuesday.
The sponsor of a Washington state bill on kids online safety dismissed privacy concerns about age verification during a House Consumer Protection Committee hearing on Friday. The committee heard testimony on HB-2112, which would require age verification to restrict kids younger than 18 from accessing porn online.
New York lawmakers will continue pushing for AI regulation, state legislators stressed at a Senate Internet and Technology Committee hearing livestreamed Thursday. That’s even after New York last year enacted a broad AI measure called the Responsible AI Safety and Education (Raise) Act (see 2512220061) and despite President Donald Trump’s executive order seeking to stop states from regulating AI (see 2601130058).
Enforcements against Datamasters and S&P Global showed the California Privacy Protection Agency (CalPrivacy) applying penalties to small and large data brokers -- without leniency for inadvertent errors, lawyers said in interviews with Privacy Daily this week. The Datamasters action also highlighted the agency’s interest in protecting vulnerable groups' data, said Womble Bond’s Tyler Bridegan.
New Hampshire should give residents property rights over personal data stored in the cloud, state Rep. James Spillane (R) said during a House Judiciary Committee hearing livestreamed Wednesday. Spillane means for his HB-1436 to follow up on a 2019 constitutional amendment giving state residents a right to privacy and a comprehensive privacy law passed in 2024, he said. But the state's chamber of commerce opposed the measure.
Federal inaction necessitates state action to regulate AI, Rep. Cindy Ryu (D), chair of Washington state’s House Technology Committee, said Wednesday. However, at the panel’s livestreamed hearing, technology and other business groups lined up against Ryu’s broad AI bill (HB-2157), saying it goes beyond the Colorado AI Act, a measure they also dislike.
The New Jersey legislature passed a fast-moving immigration privacy bill (A-6309) and proposed carveouts (A-5017) to the state’s comprehensive privacy law Monday. On the same day that A-6309 passed, Gov. Phil Murphy (D) sought and received changes to the immigration measure, including removing a private right of action for enforcement of health care facilities.