News & Analysis as of July 25, 2025

Compliance › State Attorneys General › State Privacy Laws

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

States Continue Privacy Law Enforcement Efforts

Wiley Rein LLP on 7/17/2025

Recent enforcement activities in California and Connecticut highlight that states are ready and willing to actively enforce their comprehensive privacy laws. These recent actions – which continue the trend of states ramping...more

California AG focuses on contracts, opt-outs, and consumer disclosures in Healthline settlement

Kelley Drye & Warren LLP on 7/17/2025

On July 1, 2025, California Attorney General Rob Bonta announced a $1.55 million proposed settlement order with Healthline Media – the largest California Consumer Privacy Act (CCPA) settlement to date. The proposed settlement...more

State AGs Arm Up for Privacy Enforcement with Technical Hiring Surge—Is AI Next?

Brownstein Hyatt Farber Schreck on 7/16/2025

State attorneys general (AGs) are significantly ramping up their technical hiring to enforce a growing patchwork of state privacy laws—potentially creating an enforcement template for other tech enforcement areas like...more

State AGs, and Mark Twain, Hold Companies Accountable for AI Use

Kelley Drye & Warren LLP on 7/15/2025

This week, two state attorneys general on very different ends of the political spectrum announced separate actions related to purported discrimination by AI services. Missouri sent inquiry letters to four Big Tech companies...more

Connecticut AG Announces $85,000 CTDPA Fine

Fox Rothschild LLP on 7/11/2025

Connecticut Attorney General William Tong recently announced his office’s first enforcement action for violations of the Connecticut Data Privacy Act. “This law has now been in effect for two years,” Tong said in a...more

5 Key Privacy Enforcement Insights Shared by State Regulators at IAPP’s #GPS25

Wiley Rein LLP on 4/25/2025

IAPP’s Global Privacy Summit in DC this week has featured panels with several state regulators charged with enforcing their state’s privacy laws, including regulators from California, Colorado, Connecticut, and Oregon. The...more

Consumer Privacy Laws Are Expanding Nationwide

Tonkon Torp LLP on 4/15/2025

Businesses operating across the U.S. should pay close attention to the rapidly evolving consumer privacy landscape. To date, 20 states, including Oregon, have enacted comprehensive consumer privacy laws, with 14 already in...more

Latest Installment of our Mintz Matrix!

Mintz - Privacy & Cybersecurity Viewpoints on 3/3/2025

Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more

Texas AG Targets Allstate in First Enforcement of Texas Data Privacy and Security Act

Vinson & Elkins LLP on 2/5/2025

On January 13, 2025, Texas Attorney General Ken Paxton (“Texas AG”) filed the first-ever enforcement action under the Texas Data Privacy and Security Act (“TDPSA”) against insurance company Allstate and its subsidiary, Arity...more

Businesses Have 30 Days to Report a Security Breach of New Yorker’s Private Information

Tarter Krinsky & Drogin LLP on 1/17/2025

New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more

California Attorney General Announces New Investigative Sweep Targeting CCPA Compliance for “Large California Employers”

Dorsey & Whitney LLP on 7/31/2023

On July 14, 2023, the California Attorney General announced an investigative sweep targeting CCPA compliance efforts by “large California employers.” The Attorney General’s Office stated that it sent inquiry letters to large...more

Recently Enacted Health Data Privacy Laws in Washington and Nevada Pose Challenges for Businesses

Latham & Watkins LLP on 7/26/2023

Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more

Colorado Privacy Act - Enforcement is here

BCLP on 7/20/2023

The Colorado Privacy Act (“CPA”), Colorado’s first comprehensive consumer privacy law, came into effect on July 1, 2023. Like many new privacy laws, though, there has been uncertainty surrounding when meaningful enforcement...more

Colorado Attorney General’s Office Publishes Proposed Rules for Colorado Privacy Act

WilmerHale on 10/10/2022

On September 30, the Colorado Attorney General’s Office (“Colorado AG’s Office”) released proposed rules (the “Proposed Rules”) for the Colorado Privacy Act (CPA), which goes into effect on July 1, 2023. The Proposed Rules...more

14 Results

/

View per page

Page: of 1