Neurotechnology is the next big thing in privacy law and our minds are the last vestige of privacy, Cooley lawyers said Wednesday during a webinar.

The Connecticut Attorney General recommends that lawmakers bolster the Connecticut Data Privacy Act (CTDPA) by scaling back exemptions, lowering thresholds of applicability, strengthening data minimization provisions, clarifying definitions and increasing protections for minors’ data, it said in a report. In addition, the report, released Thursday, recommends halting targeted advertising to children and teens and selling their personal data.

New Jersey Attorney General Matthew Platkin announced Thursday he is filing a lawsuit against messaging platform Discord for deceptive and unlawful business practices that led to children on the platform being exposed to violent and sexual content as well as child predators.

A Virginia reproductive data privacy law taking effect July 1 covers many companies, poses significant compliance challenges and contains a private right of action, privacy attorneys warned last week. In addition, while many believe Virginia has one of the more business-friendly comprehensive privacy laws, the purple state’s narrower new law requires a higher consent standard than blue Washington state’s My Health My Data Act (MHMDA), they said.

Texas will excise the private right of action from its app store age-verification bill, Rep. Caroline Fairly (R) told the House Trade Committee on Tuesday evening.

Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.

Two recent Circuit Court of Appeals cases dealing with the Video Privacy Protection Act (VPPA) of 1988, combined with the 2nd Circuit’s ruling in NBA v. Salazar from October, may have set the stage for a future ruling from the U.S. Supreme Court over whether old laws can be expanded and constitutionally interpreted to apply to new technologies, privacy lawyers say. Others say the circuit split may be resolve by Congress revisiting the statute.

The EU's recent drive to streamline rules in the digital and other sectors could mean potential adjustments to the Data Act and other laws, including the General Data Protection Regulation (GDPR), the European Commission said. But while the EC contemplates possibly cutting red tape, it notes that companies covered by the Data Act have until Sept. 12 to comply with it.

California Attorney General Rob Bonta (D) on Friday appealed an injunction on the state’s Age-Appropriate Design Code Act, re-emphasizing the need to protect children online. The U.S. District Court for Northern California had granted trade association NetChoice’s motion for a preliminary injunction against the Act on March 13, ruling that the legislation was content-based, likely violating the First Amendment, and the state failed to allege real harms.

Companies should be in “full compliance” with DOJ’s data transfer rule by July 8, the department said in a statement Monday (see 2504020067).