Companies selling wearable devices should start with privacy by design to better comply with a growing body of privacy laws, said Duane Morris privacy attorney Michelle Donovan during the law firm’s webinar Tuesday.
A Massachusetts bill about employers’ use of electronic monitoring and automated decisions advanced in the state Senate this week. The Internet Committee approved and sent S-35 to the Ways and Means Committee on Thursday. The panel also cleared a social media accountability bill (see 2510160046).
With different definitions of who counts as a child in various states, more companies are treating anyone younger than 18 as a kid, said privacy lawyers and professionals during an Interactive Advertising Bureau webinar Wednesday. Davis+Gilbert attorney Gary Kibel predicted that disagreement on the age issue could become yet another obstacle to passing a national data privacy law.
Vermont Rep. Monique Priestley (D) is “more than happy” to hash out how to break through a strong industry wall against including a private right of action in privacy legislation, she said Sunday in response to a blog post by Don Marti, the founder of a yet-to-be-named services firm for post-surveillance brands. Priestley is the sponsor of a comprehensive bill with a PRA, but lawmakers punted it in 2025 (see 2505300047).
A comprehensive privacy bill passed the Pennsylvania House with "noteworthy" applicability thresholds and categories of sensitive data, a Philadelphia-based privacy attorney said Thursday. The state House also passed a bill Wednesday that would add a private right of action to the state’s data breach notification law.
A company complying with Maryland’s data minimization standard would be in compliance with a similar measure proposed in a Massachusetts comprehensive privacy bill that’s moving quickly toward passage, said Massachusetts Sen. Michael Moore (D) on the floor Thursday. However, Moore also said he’s fine with Massachusetts being an “outlier” among the 20 states with privacy laws.
Although every state has a data breach notification law, each one imposes different regulations and reporting requirements, Emory Roane, associate director of policy at Privacy Rights Clearinghouse (PRC), said in a recent interview with Privacy Daily. While some protections exist at the federal level, a comprehensive breach law would help, as would data minimization principles, privacy pros added.
Even without a private right of action, a Massachusetts comprehensive privacy bill nearing a Senate floor vote could still be the strongest of about 20 states with such laws, Electronic Privacy Information Center (EPIC) Deputy Director Caitriona Fitzgerald said in an interview Friday. While legislators previously cut the right for individuals to sue -- limiting enforcement authority to the Massachusetts’ attorney general -- they kept data minimization requirements like those from Maryland’s privacy law.
Massachusetts legislators removed a private right of action from a leading comprehensive privacy bill on Thursday.
Though creative plaintiffs' counsel saw early success, the tide is beginning to turn in favor of defendants in California Invasion of Privacy Act (CIPA) cases, said Douglas Bonner in a blog post. The Potomac Law Group lawyer added that these developments may chill future litigation claims under the statute.