A California bill seeking to limit “surveillance pricing” cleared a key committee at a hearing Tuesday afternoon. The Assembly Privacy Committee voted 10-4 for SB-259, with Republicans opposing. In addition, the committee cleared bills about data brokers and breaches as part of a unanimous vote on a consent agenda. All the bills previously passed in the Senate.
Data Brokers and Delete Acts
Data brokers aggregate and sell personal data—often without clear user awareness. In response, many U.S. states are passing “delete acts” and other laws to increase transparency, require registration and give users control over data sales. These laws will reshape compliance and collection practices for brokers and companies relying on third-party data. This page tracks legislation, rulemaking and enforcement trends affecting the data brokerage industry.
The Electronic Frontier Foundation (EFF) and Privacy Rights Clearinghouse on Tuesday sent letters to the attorneys general of California, Texas, Oregon and Vermont, asking that they investigate data brokers that have failed to register with state consumer protection agencies as required by law.
Understanding “data flows” and “who has access" are the most important steps in making a good-faith effort to comply with the DOJ’s bulk data transfer rule before a three-month grace period ends, said privacy attorney Nancy Libin during a Davis Wright webinar Tuesday. DOJ will begin full enforcement July 8 (see 2504140047).
The FTC’s 2024 settlement with NGL Labs and 2023 agreement with Epic Games could serve as a blueprint for federal and state enforcers protecting teens from privacy and design-related harms, former Consumer Protection Bureau Director Samuel Levine told Privacy Daily in an interview Monday.
Data brokers face new requirements starting Sept. 1 under two Texas bills that Gov. Greg Abbott (R) signed Friday.
The New Jersey Supreme Court upheld Daniel’s Law in a decision Tuesday, rejecting a journalist’s First Amendment challenge to the statute that aims to protect certain public officials' personal information.
Businesses should be aware of unusual requirements in New Jersey draft rules for implementing the state’s comprehensive privacy law, several law firms warned in blog posts this month.
U.S. companies can use state privacy laws to better gauge when they’re considered data brokers under DOJ’s data transfer rule, Hunton privacy attorney Michael La Marca said during a Tuesday webinar.
Sen. Ron Wyden, D-Ore., is pressing three major American airlines over claims they’re selling bulk customer data to federal agencies.
California Privacy Protection Agency draft rules for making a data deletion mechanism required by the state’s Delete Act exceed the law’s scope and one requirement may be unconstitutional, the Software & Information Industry Association (SIIA) said in comments at the CPPA.