The U.S. District Court for the District of Columbia denied a motion for a temporary restraining order against the Education Department, as sought by the University of California Student Association (USCA). Judge Randolph Moss ruled Monday that Department of Government Efficiency (DOGE) access to student data and records will not cause the plaintiffs irreparable harm, so a TRO is unnecessary. However, DOGE faced a new lawsuit at the same court Monday, this time challenging the entity's access to sensitive information at the Internal Revenue Service (IRS).

Thirty years after the idea of restricting international data transfers was conceived, companies find themselves facing a greater level of "dogmatism" than ever and geopolitical tensions could take restrictions to an even higher level, Hogan Lovells privacy and cybersecurity attorneys said during a podcast. Driven by U.S. rules hampering some data flows to China and several other countries, personal data protection is morphing into national security protection. One way to navigate the maze could be a greater focus on binding corporate rules (BCRs), they said.

A private right of action survived a Washington House panel vote on a comprehensive privacy bill Friday. The state's House Technology Committee voted 7-4 on partisan lines to advance an amended HB-1671, with Republicans supplying the nays.

The House Commerce Committee’s new Republican working group will focus solely on comprehensive privacy legislation, and Rep. Gus Bilirakis, R-Fla., will remain the lead on kids privacy, Rep. John Joyce, R-Pa., told us Thursday.

Long-anticipated bills by Vermont state Rep. Monique Priestly (D) on comprehensive data privacy (H-208), an age-appropriate design code (H-210) and data broker deletion requirements (H-211) formally entered the legislature on Wednesday. The 2025 privacy bill “contains a number of adjustments that address concerns from stakeholders, including members of the business community, while maintaining the core consumer protections expected by Vermonters,” said an H-208 summary.

Privacy and data protection laws are mushrooming, with nearly 150 countries adopting such regulations, speakers said during a Thursday IAPP webinar. There are 144 nations with national data protection measures, covering nearly 82% of the world's population, IAPP said in an updated report.

The federal government’s failure to act on children and teens’ online safety and privacy was called out in a Thursday hearing in Washington state's Senate Business Committee. Supporters of a bipartisan bill to protect minors online said that job is now up to the states.

More companies could become subject to the Montana Consumer Data Privacy Act under changes contemplated by the original law’s sponsor. Senate Energy and Technology Chair Daniel Zolnikov (R) told Privacy Daily on Thursday he wants to slash the legislation’s applicability thresholds and tighten exemptions. Moreover, under a bill (SB-297) he filed earlier this week, Montana would also add child protections and cut in half the comprehensive privacy law’s 60-day right to cure.

The European Commission withdrew two controversial pieces of legislation from its 2025 work program, bringing cheers Wednesday from the tech sector as a consumer group jeered.

The U.S. shouldn’t rush to adopt comprehensive AI legislation, despite a growing patchwork of state regulations, Senate Commerce Committee Chairman Ted Cruz, R-Texas, told us Wednesday.