Video-streaming box maker Roku “collected, sold and enabled reidentification of sensitive personal data” without receiving authorization or providing meaningful notice, the Florida attorney general’s office said Tuesday. AG James Uthmeier filed a complaint under Florida’s comprehensive privacy law and the Florida Deceptive and Unfair Trade Practices Act in the state’s 20th Judicial Circuit Court.
California Gov. Gavin Newsom (D) signed an age-verification bill and other measures aimed at protecting kids online, pleasing consumer advocates while raising the possibility of a NetChoice lawsuit. However, the Democrat also disappointed some advocates and pleased NetChoice over the holiday weekend by vetoing an AI chatbot bill.
OneTrust agrees that businesses shouldn't set and forget privacy compliance tools, amid increased scrutiny from regulators, said Ojas Rege, general manager of privacy and data governance. In an interview with Privacy Daily, Rege also said that a great amount of enforcement action is happening behind the scenes, without becoming public. In addition, the OneTrust official warned that “AI amplifies every single privacy and data governance gap you have in your organization.”
With different definitions of who counts as a child in various states, more companies are treating anyone younger than 18 as a kid, said privacy lawyers and professionals during an Interactive Advertising Bureau webinar Wednesday. Davis+Gilbert attorney Gary Kibel predicted that disagreement on the age issue could become yet another obstacle to passing a national data privacy law.
An Ohio state representative questioned Google’s intentions for supporting an age-verification bill (HB-302) at a House Judiciary Committee hearing livestreamed Wednesday.
Adding two more states to the Consortium of Privacy Regulators will increase the multistate enforcement body’s power, lawyers who previously worked for state attorney general offices said Wednesday. Minnesota and New Hampshire AGs joined the group, the California Privacy Protection Agency (CPPA) announced Wednesday.
Businesses should expect an increase in universal opt-out preference signals (OOPS) after California Gov. Gavin Newsom (D) signed a bill Wednesday that requires all web browsers to support the functionality (see 2510080036), said Tom Kemp, California Privacy Protection Agency executive director. The CPPA and regulators in other states are checking if companies are honoring such requests, Kemp warned in an interview Wednesday. Newsom signed AB-566 and two other privacy bills earlier in the day.
A new California law setting concrete deadlines for data breach notifications could make a big difference in the state, Emory Roane, Privacy Rights Clearinghouse (PRC) associate director of policy, said Tuesday.
California will now require companies to notify residents of the state within 30 calendar days of a company discovering a data breach. Gov. Gavin Newsom (D) signed SB-446 on Friday after it sailed through the legislature (see 2508290005).
A comprehensive privacy bill passed the Pennsylvania House with "noteworthy" applicability thresholds and categories of sensitive data, a Philadelphia-based privacy attorney said Thursday. The state House also passed a bill Wednesday that would add a private right of action to the state’s data breach notification law.