A Hawaii automotive data privacy bill cleared its first committee Tuesday. The Senate Transportation Committee voted 5-0 to advance SB-1286, but it still needs approval from the Commerce Committee before it can go to the floor.
Sen. Margo Juarez (D) wants to add “teeth” to Nebraska’s privacy law with a bill like California’s Delete Act that aims to make it easier for consumers to delete their data, she said in an interview Tuesday. However, at a livestreamed hearing of the bicameral legislature’s Commerce Committee Monday, counsel for Nebraska’s secretary of state raised concerns that the bill would be difficult to implement.
Software company Onerep released an updated version of YourControl, a free tool that manages the exposure of a consumer's data from major consumer reporting agencies, the company announced Thursday. The update now includes public and non-public data brokers, Onerep said.
The U.S. District Court of Idaho on Monday denied data broker Kochava's motion to dismiss a case alleging that the broker's data sales are unfair acts or practices likely to cause substantial injury to consumers in violation of Section 5(a) of the FTC Act. Kochava moved to dismiss on the basis that Section 5(a) requires tangible consumer injury and a violation of well-established legal policy, the order said. The court said the "FTC is authorized to seek injunctive relief if it has 'reason to believe' that a business is violating, or is about to violate, a law enforced by the FTC," denying Kochava's motion.
Treasury Secretary Scott Bessent will serve as acting director of the Consumer Financial Protection Bureau, the agency announced Monday. CFPB has key privacy authority under the Gramm-Leach-Bliley Act (GLBA). Capitol Hill Republicans told us in recent interviews they plan to use budget negotiations to rein in the agency's cost and scope.
Days ahead of the Jan. 31 deadline for data broker registration, the California Privacy Protection Agency announced that Connecticut-based data broker Key Marketing Advantage (KMA) agreed to pay $55,800 for failing to register and pay a fee in 2024.
"A strong data privacy bill must include a private right of action to allow … individuals to bring a lawsuit when they suffer actual damages,” Vermont Attorney General Charity Clark (D) said Monday. At a livestreamed press conference, Clark supported state Rep. Monique Priestley (D) in reintroducing a privacy bill that Gov. Phil Scott (R) vetoed last year. Priestley said the 2025 bill will also include data minimization rules, despite business concerns stemming from Maryland’s law, which includes such requirements.
A new privacy protocol aims at getting consumers quicker responses from businesses when they seek to exercise their data rights under a growing body of state laws. Consumer Reports and a group of privacy compliance companies will release the Data Rights Protocol (DRP) on Tuesday after nearly four years of development, CR told Privacy Daily. OneTrust, Transcend, Yorba and CR’s Permission Slip announced that they added DRP to their systems and are working to move it to production.
Data processors who use databases freely available online or provided by a third party such as a data broker must verify that their formation or sharing isn't "manifestly unlawful," French privacy regulator CNIL warned Friday (in an unofficial translation). Whoever compiles, uploads or shares the database must comply with laws banning theft or distribution of stolen data and must check that the information isn't the result of a data leak, it said.
NTIA should prioritize transparency and open-internet principles and respect individual privacy rights when crafting potential ethical guidelines for researchers who handle pervasive data, consumer and internet advocates said in comments recently posted.