Long-anticipated bills by Vermont state Rep. Monique Priestly (D) on comprehensive data privacy (H-208), an age-appropriate design code (H-210) and data broker deletion requirements (H-211) formally entered the legislature on Wednesday. The 2025 privacy bill “contains a number of adjustments that address concerns from stakeholders, including members of the business community, while maintaining the core consumer protections expected by Vermonters,” said an H-208 summary.
Privacy and data protection laws are mushrooming, with nearly 150 countries adopting such regulations, speakers said during a Thursday IAPP webinar. There are 144 nations with national data protection measures, covering nearly 82% of the world's population, IAPP said in an updated report.
More companies could become subject to the Montana Consumer Data Privacy Act under changes contemplated by the original law’s sponsor. Senate Energy and Technology Chair Daniel Zolnikov (R) told Privacy Daily on Thursday he wants to slash the legislation’s applicability thresholds and tighten exemptions. Moreover, under a bill (SB-297) he filed earlier this week, Montana would also add child protections and cut in half the comprehensive privacy law’s 60-day right to cure.
Rep. John Joyce, R-Pa., will lead House Republicans’ working group for comprehensive privacy legislation, House Commerce Committee Chairman Brett Guthrie, R-Ky., announced Wednesday, as expected (see 2501150064).
Oregon finalized a state government AI action plan, Gov. Tina Kotek (D) said Tuesday. An AI advisory council, established by a 2023 executive order, approved the plan that day, the governor’s office said.
Oklahoma’s possible comprehensive privacy law wouldn’t take effect until July 1, 2026, under a proposed amendment filed Wednesday by SB-546 sponsor Sen. Brent Howard (R).
Vermont Rep. Monique Priestley (D) will introduce three privacy bills this week, the lawmaker said Tuesday.
A significant proposed edit to the Maryland privacy law’s data minimization rule would be “a huge boon to the companies that already exploit our data,” Eric Null, Center for Democracy and Technology (CDT) privacy & data project co-director, said Monday. However, Keir Lamont, Future of Privacy Forum (FPF) senior director-U.S. legislation, said the bill would bring clarity only for businesses that don’t handle sensitive data.
A bipartisan group of Georgia senators Wednesday introduced a comprehensive privacy bill in the mold of most other state privacy laws besides California.
A privacy expert who worked on Maryland's age-appropriate design code (AADC) said she hopes it can better withstand legal challenges than the California version of the law.