While a longstanding federal health law doesn't cover as much data as some people think, more recent state measures may be overcompensating and over-complicating health care privacy, said WilmerHale privacy attorney Kirk Nahra on a Tuesday webinar. Daniel Solove, George Washington University Law professor, predicted “we're going to see ... this complicated landscape get even more complicated.”

Massachusetts senators advanced a comprehensive privacy bill that includes a private right of action and Maryland-like data-minimization requirements. On Monday, the Senate side of the legislature’s joint Advanced Information Technology Committee advanced to the Ways and Means Committee a new draft of the Massachusetts Data Privacy Act (S-2516) that replaces bills by the committee’s Senate Chair Michael Moore (D), Senate Majority Leader Cynthia Creem (D) and Sen. William Driscoll (D). Some alternatives remain pending, including legislation by Sen. Barry Finegold (D), his spokesperson told Privacy Daily.

Members of a bipartisan multistate AI policy working group are preparing an open letter opposing a U.S. House proposal that sets a 10-year moratorium on the enforcement of state AI laws (see 2505120067), Maryland Sen. Katie Fry Hester (D) told us Tuesday. Virginia Del. Michelle Lopes Maldonado (D), another working group member who has helped spearhead AI legislative efforts in her state, told us the House proposal appears to be part of a concerted industry effort to kill forward momentum on state AI bills. Meanwhile, senators we spoke to on Capitol Hill split largely on party lines about the plan Tuesday.

Age-verification tools are not a silver bullet that will protect children and young people on internet sites and social media platforms, speakers said Monday at a session of the European Dialogue on Internet Governance.

Google's nearly $1.4 billion settlement with Texas solidifies the state's status as an aggressive privacy enforcer, lawyers and consumer privacy advocates said Monday. Texas announced the settlement Friday in a case involving Google's allegedly unlawful tracking and collection of users' personal information, including geolocation and biometric data (see 2505090071).

The House Commerce Committee on Tuesday will mark up budget reconciliation language that would impose a 10-year moratorium blocking states from enforcing AI regulations, Chairman Brett Guthrie, R-Ky., announced Friday night.

Rhode Island senators unanimously supported regulating consumer genetic testing services. The state's Senate voted 35-0 Thursday to pass a genetic information privacy bill (S-767). The House referred the bill to its Judiciary Committee on Friday. However, an Electronic Privacy Information Center (EPIC) attorney said Friday that the consent-based bill doesn't do enough to protect consumers.

Irish Data Protection Commission Deputy Commissioner Cian O'Brien sees a "welcome trend" toward greater agreement among EU data protection authorities (DPAs) in enforcement cases. He spoke Friday during an IAPP webinar about the office's decision against TikTok.

The GDPR’s Article 5 data-processing principles will likely remain intact, but there’s potential for compromise on revisions to other data-processing requirements in forthcoming negotiations, a center-right digital policy advisor for the European Parliament said Friday at the Privacy + Security Forum spring academy.

Incorporating children's and teen safety into privacy has led to a variety of approaches under state law, said two Latham Watkins attorneys on a panel at the Privacy + Security Forum spring academy Friday. An age-gate is the best way for companies to ensure compliance with all of them, they added.