Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching on the title or by clicking on the hyperlinked reference number.
Social Media
Social media platforms are facing intense scrutiny over how they collect, share and monetize user data. As new state and federal laws focus on age verification, parental controls and transparency requirements, social media companies face legal risks around algorithmic targeting, third-party tracking and children's safety. This page follows key legislation, investigations and lawsuits shaping privacy practices for major social platforms.
Encryption is the first line of defense protecting young people online and in the physical world, privacy experts said during a webinar Tuesday that the Future of Privacy Forum (FPF) hosted.
The Electronic Privacy Information Center (EPIC) filed suit against the Department of Government Efficiency (DOGE), the U.S. Treasury Department and the U.S. Office of Personnel Management (OPM) Monday. EPIC called DOGE’s allegedly illegal seizure of personnel records and payment system data “the largest data breach in American history.”
It’s up to social media companies, which make “trillions of dollars” a year, to determine how to effectively verify users’ ages and parental consent for minors, said Connecticut Attorney General William Tong (D) on Monday. Tong urged legislators to pass a kids’ social media bill (HB-6857) at a livestreamed Connecticut General Law Committee hearing. Tech industry groups condemned the proposal in statements.
The 9th U.S. Circuit Court of Appeals should direct a lower court to enjoin California’s 2024 law (SB-976) restricting social media feeds for minors, consumer privacy advocates and free-market groups said in amicus briefs filed Thursday (case 25-146). As it urged the appeals court to reverse the U.S. District Court for Northern California, the Center for Democracy and Technology (CDT) raised privacy concerns about requiring companies to conduct age verification.
The Kids Off Social Media Act (KOSMA) would create redundant and conflicting regulations due to existing children’s privacy protections, the Information Technology & Innovation Foundation said Thursday.
Sensitive information and transparency are key privacy issues that will continue attracting litigation, including in Texas, which has become a major player in regulation and enforcement, Odia Kagan, a partner in the law firm Fox Rothschild, said in an interview.
Though the U.S. education system has focused on gaining parental consent for data protection and privacy issues within schools, student consent should also be important, said a panel discussing the balance between parental consent and privacy at the Student Privacy and Parental Consent conference. Public Interest Privacy Center (PIPC), Toyo University and George Washington Law hosted the event Friday.
The Hellenic Data Protection Authority launched an investigation into the legality under the General Data Protection Regulation of the DeepSeek AI application, it announced Thursday. The Greek regulator is also probing a personal data breach of WhatsApp users by spyware after the social media site notified the watchdog of the breach.
The U.K. Information Commissioner's Office (ICO) Wednesday launched a free online tool to help small organizations ensure their direct marketing activities comply with the Privacy and Electronic Communication Regulations and the U.K. General Data Protection Regulation. The direct marketing advice generator will provide "reliable compliance advice, tailored to their own direct marketing activities, in minutes," the ICO said. The tool covers email, SMS, direct mail, social media, telemarketing and more. It's "crucial" that organizations comply with direct marketing rules, the ICO said, because it avoids customer complaints and fines.