California’s newly minted Digital Age Assurance Act “will likely create significant compliance challenges for many businesses,” blogged David Stauss and two other Troutman privacy lawyers on Monday.

California added to companies’ increasing worries “about being viewed as ‘selling’ personal data” earlier this month when Gov. Gavin Newsom (D) signed an update to the California Delete Act, Sheppard Mullin attorneys Lissa Thomas and Kathryn Smith blogged Thursday.

No states have enacted new comprehensive privacy laws in 2025, so far, but “half of those with laws already on the books have made significant amendments to their scopes and requirements,” IAPP said Monday in releasing its revised report on state privacy laws. The report found that eight states updated their privacy laws in 2025: Colorado, Connecticut, Kentucky, Montana, Oregon, Texas, Utah and Virginia.

Businesses should comb through their data-collection practices to comply with the unusual aspects of the Maryland Online Data Privacy Act (MODPA), Kelley Drye privacy lawyers Aaron Burstein and Austin Del Priore blogged Friday.

The California Privacy Protection Agency launched a webpage for consumers Friday previewing the agency’s upcoming Delete Request and Opt-Out Platform (DROP), Executive Director Tom Kemp posted on LinkedIn. The agency plans to release the accessible data deletion mechanism Jan. 1.

The California DOJ will hold a Nov. 5 public hearing as part of the lead-up to a rulemaking for the state’s new social media addiction regulation, Attorney General Rob Bonta (D) announced Thursday.

Expect other states to follow California’s lead in trying to give consumers more control over their data, Sheppard Mullin lawyers Michael Sutton and Sara Shanti blogged Wednesday.

The California Privacy Protection Agency's new rules on automated decision-making technology, risk assessments and cybersecurity audits “are some of [its] most significant yet,” the Future of Privacy Forum said in an issue brief published Wednesday. The rules received final approval Sept. 23 and start to apply Jan. 1 (see 2509230036).

This year’s Pennsylvania comprehensive privacy bill might have a shot of becoming law despite a similar bill’s failure last year, Fisher Phillips lawyers blogged Monday.

A Pennsylvania bill meant to stop inappropriate data-driven pricing surfaced this week with 15 Democratic House sponsors. Rep. Danilo Burgos (D) introduced HB-1942 on Thursday and the House referred it to the Consumer Protection Committee.