A new enforcement unit in Florida will focus on Chinese threats to consumers, data privacy and economic security, Florida Attorney General James Uthmeier (R) announced Thursday.
Two years after the Connecticut Data Privacy Act (CTDPA) took effect, consumers still complain about unsuccessful attempts to exercise their data rights, said the state's office of attorney general (OAG) in a report Thursday. Another top consumer issue, data breaches, elicited more than 60 complaints last year, it said.
The California Privacy Protection Agency will seek to illuminate how California Consumer Privacy Act (CCPA) rights work in the employment context through an upcoming rulemaking, CalPrivacy Executive Director Tom Kemp said in a keynote at compliance vendor Privado’s Bridge Summit event Wednesday. The agency plans to discuss a timeline for comments on that and other potential rulemakings at the CalPrivacy Board’s Feb. 27 meeting, he said.
Vermont legislators should drop the private right of action from a genetic privacy bill advancing in the House, a representative from Ancestry.com told the House Commerce Committee on Wednesday. Several committee members and the attorney general’s office suggested a PRA is the right approach given the AG’s limited resources.
In the wake of state enforcement against connected TVs, privacy professionals and lawyers recommended companies review data-collection practices and privacy disclosures to protect themselves from fines.
Data brokers should prepare now to comply with the California Delete Request and Opt-out Platform (DROP), Kelley Drye attorneys Aaron Burstein and Celine Guillou blogged Monday. “Preparing to use the DROP requires data brokers to thoroughly understand their data and data flows and implement new processes to interact with the platform.”
DPAs face legal and practical challenges in cross-border enforcement actions, according to a European Data Protection Board (EDPB) report published Monday. These include legal barriers to sharing confidential information and exercising investigatory powers on behalf of foreign DPAs, the absence of mechanisms for enforcing decisions in their countries, and fragmented enforcement cooperation, the document said.
The FTC expects to issue a policy statement on how the FTC Act preempts certain state AI laws in the next six to eight weeks, Consumer Protection Bureau Director Chris Mufarrige said Tuesday during the Privacy State of the Union event.
Google will pay $68 million to settle class-action claims that the company violated California law by allowing its voice-activated assistant to spy on smartphone users, according to a settlement proposed Friday in federal court.
Comcast has agreed to pay $117.5 million to settle class-action claims over a 2023 cyberattack that compromised customer data for millions of subscribers. According to the settlement agreement, filed Friday (docket 2:23-cv-05039) in the U.S. District Court for Eastern Pennsylvania, the parties said the terms were reached after several mediation sessions in 2024 and 2025. Comcast will deposit the $117.5 million into the settlement fund by March 31, even if the court hasn't yet signed off on preliminary approval, they said. Comcast estimated the settlement class to be about 31.7 million people.