A subscriber to The Onion hit the satirical news site with a class-action complaint on Friday, alleging that it deployed a tracking pixel that transmitted his personally identifiable information to third parties without prior knowledge or consent, which violates the Video Privacy Protection Act (VPPA).
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Italian privacy regulator Garante fined U.S. consumer AI company Luka $5.6 million (5 million euros) for General Data Protection Regulation breaches and launched a probe into how it processes data during the life cycle of the generative AI systems that underlie its Replika chatbot, it announced Monday.
President Donald Trump on Monday signed the Take It Down Act into law, as expected (see 2505160034).
The House Rules Committee will consider the chamber’s reconciliation package and a potential AI moratorium at 1 a.m. E.T. Wednesday after House Budget Committee Republicans reached an agreement with House Freedom Caucus holdouts Sunday and advanced the measure. The package that House Budget considered at Friday’s markup included a provision that would set a 10-year moratorium blocking states from enforcing AI laws (see 2505140059).
In its latest proposal on risk assessment requirements, the California Privacy Protection Agency (CPPA) appears to try to seal up potential constitutional holes that took down California’s age-appropriate design code (AADC) law, Squire Patton attorney Alan Friel said in an interview last week. Ahead of a June 2 deadline to file comments (see 2505020034), privacy lawyers at many firms are combing through the latest tweaks in a highly watched rulemaking on automated decision-making technology (ADMT), changes to the California Consumer Privacy Act (CCPA) and other topics.
The EU-U.S. Data Privacy Framework (DPF) appears to be holding despite Trump administration actions in connection with the FTC and Privacy and Civil Liberties Oversight Board (PCLOB), Irish Data Protection Commissioner Dale Sunderland said during a May 14 interview at the IAPP AI Governance Global Europe conference in Dublin.
Congress should reject a “destructive” proposal that would block states from enforcing AI laws for 10 years, a bipartisan coalition of 40 state attorneys general said in a letter to congressional leaders Friday (see 2505150021 and 2505140059).
Public concern about privacy remains high in New Zealand, an Office of the Privacy Commissioner survey published Thursday found.
Businesses must traverse an expanding “minefield of state and international regulations,” said BigID CEO Dimitri Sirota in an interview last month at the IAPP Global Privacy Conference in Washington. The emergence of AI has also created privacy compliance challenges -- but the emerging technology could also make some aspects of the data protection profession more efficient, he said.