Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.

Age-verification vendors weren't "surprised" by attempts to circumvent proof-of-age mechanisms once the U.K. Online Safety Act (OSA) rules took effect Friday, Age Verification Providers Association Executive Director Iain Corby told us Tuesday.

The California Privacy Protection Agency (CPPA) announced a $55,400 fine Tuesday against Accurate Append for failing to register as a data broker and pay the annual fee required by the state’s Delete Act (see 2507290031). The CPPA's latest fine signals the agency's crackdown on data brokers, said Troutman Amin law clerk Tammana Malik in a blog post. However, a study last month on California data brokers argues they largely ignore regulation.

Companies are considering relocating business operations from China and cutting off certain data flows in a conservative approach to complying with DOJ’s data transfer rule, privacy attorneys told us in interviews.

The Minnesota Consumer Data Privacy Act, which goes into effect this Thursday, gives consumers new rights and requires that businesses follow stricter measures to protect personal data, said Attorney General Keith Ellison (D) and Rep. Steve Elkins (D), who authored the law.

A coalition of 20 states and the District of Columbia filed a lawsuit Monday against the U.S. Department of Agriculture (USDA) over what they claim are unlawful attempts to collect the personal data of millions of Supplemental Nutrition Assistance Program (SNAP) recipients from the states. Led by the attorneys general of California and New York, the suit -- filed in the U.S. District Court for Northern California -- argues the federal demand for state data violates the U.S. Constitution and multiple federal privacy laws.

Wisconsin Rep. Shannon Zimmerman (R) aims to fast-track comprehensive privacy legislation when state legislators return from summer recess, he said in an interview last week with Privacy Daily. The lawmaker is hopeful that he will find bipartisan support and that the bill will pass in 2025 after it hit roadblocks in prior legislative sessions, he said.

Businesses should start thinking now about complying with new data-protection regulations approved Thursday by the California Privacy Protection Agency (CPPA), privacy attorneys said immediately afterward in blogs and LinkedIn posts. While consumer privacy advocates slammed the rules as weak, one acknowledged they still give California a lead over other U.S. states.

The California Privacy Protection Agency will soon take 15 days of comments on revised draft rules for implementing a data-deletion mechanism under the California Delete Act, the five-person CPPA board decided unanimously during a partially virtual meeting Thursday. The agency expects to extensively test the system to work out any kinks before data brokers start accessing it in August 2026, said General Counsel Philip Laird.

The Senate should revisit legislation to protect consumers’ health data privacy outside the scope of the Health Insurance Portability and Accountability Act (HIPAA), Sens. Bill Cassidy, R-La., and Jacky Rosen, D-Nev., told us in recent interviews (see 2507090048).