It's not just app stores that must pay attention to a crop of new age-verification laws in Utah, Texas and Louisiana, Orrick attorneys blogged Thursday: It's app developers, too.
Some state lawmakers are looking to pass legislation regulating the data broker industry in the wake of the shooting deaths last month of former Minnesota House Speaker Melissa Hortman (D) and her husband and the attempted killing of John Hoffman (D), a Minnesota senator, and his wife.
The Health Insurance Portability and Accountability Act (HIPAA) hasn’t kept pace with privacy risks associated with wearable devices, Senate Health Committee Chairman Bill Cassidy, R-La., said during a hearing Wednesday. Sen. John Hickenlooper, D-Colo., also addressed the issue, noting state laws like the Colorado Privacy Act impose security requirements on companies selling wearables.
The Free Speech Coalition said it’s weighing legal options as age-verification laws took effect Tuesday in multiple states.
A controversial proposed change to the California Invasion of Privacy Act (CIPA) will be held until next year, said state Sen. Anna Caballero (D) during an Assembly Public Safety Committee hearing Tuesday. The committee advanced Caballero’s SB-690 to the Privacy Committee with the understanding that it will be delayed. A day earlier, the committee staff raised questions about whether SB-690 was designed to protect “mom-and-pop” businesses from frivolous lawsuits.
Effective Tuesday, an amendment to the Colorado Privacy Act (CPA) that enhances protections for biometric identifiers widens the scope of whom the privacy law applies to and forces companies to review their policies, said privacy lawyers. Enacted as HB-1130 in June 2024, the measure compels entities that collect biometric data to meet stringent notice and consent requirements if they use or intend to use it for unique identification (see 2406030010).
NetChoice filed an additional lawsuit against Arkansas late Friday as it attempted to block a pair of measures that would amend the state’s 2023 Social Media Safety Act, which a court ruled unconstitutional in late March following a NetChoice challenge (see 2504010044).
A comprehensive privacy law taking effect Tuesday in Tennessee may appear business-friendly compared with similar measures in other states, but privacy lawyers note that it also contains some of the highest penalties for noncompliance. Companies could avoid a Tennessee crackdown by taking advantage of a novel safe harbor in the law, Mintz’s Cynthia Larose told Privacy Daily.
Maine has joined a growing list of states in which comprehensive privacy bills stalled in 2025. However, Rep. Amy Kuhn (D), the Maine Judiciary Committee’s House chair, told Privacy Daily on Thursday that her LD-1822 will return in 2026.
A California bill seeking to limit “surveillance pricing” cleared a key committee at a hearing Tuesday afternoon. The Assembly Privacy Committee voted 10-4 for SB-259, with Republicans opposing. In addition, the committee cleared bills about data brokers and breaches as part of a unanimous vote on a consent agenda. All the bills previously passed in the Senate.