While there hasn't been a big headline for privacy in 2025, many important smaller developments occurred, George Washington University law professor Daniel Solove and Red Clover Advisors CEO Jodi Daniels said during a webinar Solove hosted Thursday.
Making sure that executive suite members understand the privacy landscape is key to ensuring companies stay proactive and in compliance, said panelists at a privacy risk event Tuesday. During another panel, the executive director of the California Privacy Protection Agency (CPPA) discussed how it's helping raise awareness of privacy issues with businesses. Compliance vendor DataGrail sponsored the event.
Florida’s privacy lawsuit last week against Roku surprised some data-protection experts, since the state’s Digital Bill of Rights frequently carries an asterisk in lists of the 20 state comprehensive privacy laws -- if it’s included at all. In the aftermath, however, some privacy experts told Privacy Daily that they’re still not ready to add Florida to the list.
An Albany-based accounting firm will pay $60,000 to settle with New York state in a data breach case, the attorney general's office said Monday. The AG's office said that the firm, Wojeski & Co., failed to adequately protect client data and notify customers of breaches, which exposed more than 6,000 individuals' personal information during two cybersecurity incidents. The firm waited more than one year before it notified victims of the first data breach, the state office said.
States increased enforcement and coordination this year, privacy experts said Thursday during a webinar hosted by compliance vendor Ketch.
Existing laws, especially in the privacy space, should be relied on heavily when looking to regulate AI, said panelists during an AI and privacy conference hosted by the Practising Law Institute (PLI) Thursday.
Pension scheme support company Capita's failure to process personal data securely or effectively respond to a cyberattack earned it a fine of 14 million pounds ($18.7 million) from the U.K. ICO, the watchdog announced Wednesday. The fine was part of an agreed settlement in which Capita admitted liability and declined to appeal.
European DPAs will focus their next coordinated enforcement action on compliance with the GDPR's transparency and information requirements, the European Data Protection Board (EDPB) announced Tuesday. The push will launch in 2026.
Video-streaming box maker Roku “collected, sold and enabled reidentification of sensitive personal data” without receiving authorization or providing meaningful notice, the Florida attorney general’s office said Tuesday. AG James Uthmeier filed a complaint under Florida’s comprehensive privacy law and the Florida Deceptive and Unfair Trade Practices Act in the state’s 20th Judicial Circuit Court.
Age-restricted social media platforms are "on notice" that they must comply with Australia's strict minimum age scheme, which takes effect Dec. 10, Privacy Commissioner Carly Kind warned Friday.