Nebraska Attorney General Mike Hilgers (R) sued General Motors and its subsidiary OnStar on Tuesday for the alleged unlawful collection, processing and sale of sensitive driving data from state residents without their knowledge or consent. In a press conference Tuesday morning, Hilgers announced the suit, claiming violations of the Nebraska Consumer Protection Act and Uniform Deceptive Trade Practices Act.

Connecticut Attorney General William Tong (D) announced an $85,000 settlement with online marketplace TicketNetwork on Tuesday, the result of an investigation into potential violations of the Connecticut Data Privacy Act (CTDPA). The AG said over two dozen cure notices were sent to the company in four separate sweeps addressing privacy notice deficiencies, and that TicketNetwork repeatedly said they have fixed the issues when that was not true.

Healthline must pay California $1.55 million under the largest proposed settlement yet under the California Consumer Privacy Act, Attorney General Rob Bonta (D) said Tuesday. The settlement, which is pending final court approval, also includes a novel injunctive term prohibiting the company “from sharing article titles that reveal that a consumer may have already been diagnosed with a medical condition,” the AG's office said.

In a 6-3 decision, the U.S. Supreme Court on Friday upheld a Texas law requiring age verification for access to porn sites. The ruling sided with Attorney General Ken Paxton (R) in support of the state's HB-1181, which the Free Speech Coalition, an adult industry trade association, challenged in a 2023 lawsuit, saying it violated the First Amendment (see 2409170012).

Texas Attorney General Ken Paxton (R) announced a nearly $1.4 billion settlement with Google in a case about the company's unlawful tracking and collecting of user's personal information, including geolocation and biometric data. Paxton filed the lawsuit against Google in October 2022, alleging violations of the Texas Capture or Use of Biometric Identifier Act (see 2210200075).

The California Privacy Protection Agency (CPPA) dressed down national menswear retailer Todd Snyder with a $345,178 fine Tuesday for alleged violations of the California Consumer Privacy Act (CCPA).

TikTok's transfer of Europeans' personal data to China violated the EU General Data Protection Regulation (GDPR), the Irish Data Protection Commission (DPC) announced Friday. It fined the social media platform $600 million (530 million euros) and ordered it to clean up its act within six months or face suspension of its data transfers to China. TikTok said it will appeal.

The FTC is finalizing its Children’s Online Privacy Protection Rule with changes from the prior administration’s proposal, the agency said in a Federal Register notice scheduled for publication Tuesday.

The Senate voted 50-46 Thursday to confirm Mark Meador as an FTC commissioner, as expected (see 2503030044).

DOJ’s data transfer rule is scheduled to go into effect April 8, the department confirmed Wednesday.