Privacy and AI-focused state lawmakers will meet with congressional offices next week to discuss legislative priorities, Virginia Del. Michelle Lopes Maldonado (D) told us in an interview Friday. For 2026, she expressed interest in updating Virginia’s comprehensive privacy law and regulating AI chatbots with Democrats now in full control of the legislative and executive branches after Tuesday's election.
Despite having a “laudable goal,” Colorado may not enforce a law requiring mental health warning labels on social media, the U.S. District Court for Colorado ruled in case 25-cv-2538-WJM-KAS as it granted tech industry association NetChoice’s motion for preliminary injunction on Thursday.
A recent decision added to the growing number of courts dismissing California Invasion of Privacy Act (CIPA) cases for failure to cite cognizable harm, and went further by ruling that consumers lack a reasonable expectation of privacy with metadata such as IP addresses, said Fisher Phillips lawyer Usama Kahf in a LinkedIn post Wednesday.
Facial recognition technology (FRT) deployment in stadiums can facilitate safety and security, though its use raises privacy and cybersecurity concerns, said Orrick lawyers in a Monday blog post.
SAN DIEGO -- Companies that want to avoid enforcement settlements and penalties should collaborate with state regulators during an investigation and whenever authorities are seeking information, officials from California, Colorado, Delaware and Indiana said during a panel at IAPP's privacy and security conference Thursday. The states are all members of the bipartisan Consortium of Privacy Regulators (see 2506020004).
No states have enacted new comprehensive privacy laws in 2025, so far, but “half of those with laws already on the books have made significant amendments to their scopes and requirements,” IAPP said Monday in releasing its revised report on state privacy laws. The report found that eight states updated their privacy laws in 2025: Colorado, Connecticut, Kentucky, Montana, Oregon, Texas, Utah and Virginia.
While there hasn't been a big headline for privacy in 2025, many important smaller developments occurred, George Washington University law professor Daniel Solove and Red Clover Advisors CEO Jodi Daniels said during a webinar Solove hosted Thursday.
The Consumer Financial Protection Bureau should retain consumer privacy protections in Section 1033 of the Dodd-Frank Act and continue guarding against third-party financial data abuse, consumer groups told the CFPB in comments due Tuesday (see 2508210038).
State attorneys general have relied on a combination of state consumer protection law, state comprehensive privacy law, federal children’s privacy law and multistate letters in cases against privacy violators, according to a new report from the Electronic Privacy Information Center.
Companies should be ready to comply with European AI regulations because the EU AI Act will influence U.S. regulation just as the GDPR did, attorneys at Marashlian & Donahue said during a Tuesday webinar.