A Texas law requiring app stores to verify the age of users is unconstitutional and should be blocked, the Computer & Communications Industry Association (CCIA) said in a lawsuit filed Thursday.

The U.S. Department of Agriculture’s (USDA) demand for state data on Supplemental Nutrition Assistance Program (SNAP) recipients will likely cause irreparable harm if not blocked, and is contrary to the SNAP Act, a federal court ruled Wednesday as it granted more than 20 states a preliminary injunction.

Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.

With the growing volume and diverse application of facial recognition technology, privacy advocates are increasingly concerned about issues with consent and how the technology's flaws carry heavy privacy risks, they said in interviews with Privacy Daily.

A possible Pennsylvania version of Daniel’s Law made it through a key committee on Wednesday, though it continued to lack Republican support. The House Judiciary Committee split by party to clear an amended HB-1822, which aims to protect the personal information of public servants, similar to a law in neighboring New Jersey.

Video-streaming box maker Roku “collected, sold and enabled reidentification of sensitive personal data” without receiving authorization or providing meaningful notice, the Florida attorney general’s office said Tuesday. AG James Uthmeier filed a complaint under Florida’s comprehensive privacy law and the Florida Deceptive and Unfair Trade Practices Act in the state’s 20th Judicial Circuit Court.

California Gov. Gavin Newsom (D) signed an age-verification bill and other measures aimed at protecting kids online, pleasing consumer advocates while raising the possibility of a NetChoice lawsuit. However, the Democrat also disappointed some advocates and pleased NetChoice over the holiday weekend by vetoing an AI chatbot bill.

The European Court of Justice (ECJ) decision last month on the meaning of pseudonymized data has sparked a wave of legal comment because DPAs are split over how possible it is for third parties to retrieve personal information from such data, Hogan Lovells privacy lawyer Etienne Drouard said in an interview.

The FCC appears unlikely to make any moves to enforce the data privacy rules approved under the Biden administration, which were recently upheld by the 6th U.S. Circuit Court of Appeals, industry experts said Friday. Last week, the panel that decided the case agreed to hold it in abeyance pending the FCC’s review of the 2023 order, as the agency requested. The panel ordered the FCC to file status reports every 60 days, with the first due Dec. 16.

OneTrust agrees that businesses shouldn't set and forget privacy compliance tools, amid increased scrutiny from regulators, said Ojas Rege, general manager of privacy and data governance. In an interview with Privacy Daily, Rege also said that a great amount of enforcement action is happening behind the scenes, without becoming public. In addition, the OneTrust official warned that “AI amplifies every single privacy and data governance gap you have in your organization.”