Maryland’s attorney general could make privacy rules despite lacking direct rulemaking authority from the Maryland Online Data Privacy Act (MODPA), WilmerHale’s Samuel Kane said Thursday during a webinar by Privado, a compliance vendor. That could tighten requirements under the state's comprehensive privacy law taking effect next month, the privacy attorney said. Meanwhile, MODPA is set to break ground for state privacy laws due to its unique data minimization provision, but companies can prepare now by more closely documenting how they use data, Kane said.
Software company PowerSchool’s failure to protect the personal information of almost 900,000 Texas schoolchildren and educators late last year was a violation of the Texas Deceptive Trade Practices Act and the Identity Theft Enforcement and Protection Act, alleged Attorney General Ken Paxton (R) in a lawsuit Wednesday (see 2509030050). Texas joined Tennessee (see 2505120026) and a class-action in California (see 2501220057) in suing the company over the incident.
Draft regulations to implement the New Jersey Data Protection Act (NJDPA) may exceed the statute, said advertising, tech industry and news media groups in comments to the New Jersey attorney general’s office’s Division of Consumer Affairs. They suggested that New Jersey try to align more closely with other states that have comprehensive privacy laws.
Consumers filed 214 complaints in the first year since the Oregon Consumer Privacy Act (OCPA) took effect, with the majority concerning online data brokers, according to a report from the state’s DOJ. The right to delete data was consumers' top complaint.
More companies could soon be covered by a Texas data broker law because of two Texas amendments to the statute that take effect on Monday.
Though California is the leader in privacy legislation and regulation, other states are stepping up their enforcement actions, said a blog post last week by McGuire Woods lawyers. Recent actions by Connecticut and Nebraska attorneys general "highlight an important shift: states beyond California are not only enacting laws aimed at safeguarding privacy, they are taking action to demonstrate that those laws have teeth," they wrote.
Amid rising regulatory scrutiny over AI-based therapy, Texas Attorney General Ken Paxton (R) opened a probe into Meta, Character.AI and other chatbot platforms “for potentially engaging in deceptive trade practices and misleadingly marketing themselves as mental health tools,” the AG’s office said Monday.
A federal privacy statute is badly needed, and the timing is right to pass one now, said Chris Oswald, executive vice president and head of law, ethics and government relations at the Association of National Advertisers (ANA). He spoke Tuesday during a panel on data privacy at the group's Masters of Data Conference.
Companies should master the fundamentals of privacy, which will form a solid foundation when handling new privacy regulations, enforcement actions and emerging technologies like AI, said Sourcepoint’s Chief Privacy Officer Julie Rubash and Brian Kane, the chief operating officer of the privacy software company that was recently acquired by Didomi (see 2507080040).
Though many states have fallen short in filling gaps in federal privacy protections for health and genetic information, a few are trying, said Orrick lawyers in a Friday blog post. The lawyers said that public interest in genetic data is on the rise, though the recent 23andMe bankruptcy proceedings exposed concerns about what information is protected and what is not (see 2506100051 and 2506180018).