Photo of David Stauss

David Stauss

 

David routinely counsels clients on complying with privacy laws such as the EU's General Data Protection Regulation, the California Consumer Privacy Act, the Colorado Privacy Act, and other state privacy laws. David is certified by the International Association of Privacy Professionals as a Privacy Law Specialist, Certified Information Privacy Professional (US and EU), Certified Information Privacy Technologist, and Fellow of Information Privacy.

Keypoint: Last week, the Vermont Governor signed the Vermont Age-Appropriate Design Code Act into law.

Below is the twenty third weekly update on the status of proposed state privacy legislation in 2025. As always, the contents provided below are time-sensitive and subject to change.

Table of Contents

  1. What’s New
  2. AI Bills
  3. Bill Tracker Chart

1.

Keypoint: Last week, the Connecticut legislature passed an amendment to the state’s consumer data privacy law and bills advanced in Oregon, California, Texas, Nevada, Louisiana, and New York.

Below is the twenty second weekly update on the status of proposed state privacy legislation in 2025. As always, the contents provided below are time-sensitive and subject

Keypoint: Last week, governors in Colorado, Oregon, Nebraska, and Texas signed bills into law while bills advanced in Maine, Oregon, Vermont, and Texas.

Below is the twenty first weekly update on the status of proposed state privacy legislation in 2025. As always, the contents provided below are time-sensitive and subject to change.

Table of Contents

Keypoint: Last week, Oregon and New Jersey advanced bills to amend their state’s consumer data privacy laws, California committees advanced several bills, Nebraska enacted a social media law, and Texas advanced several social media bills.

Below is the twentieth weekly update on the status of proposed state privacy legislation in 2025. As always, the contents

Keypoint: Last week, Oregon’s legislature passed a bill to amend the state’s consumer data privacy law, the Connecticut Senate passed two bills, and there were developments with bills in New Jersey, Nebraska, Texas, Massachusetts, and Louisiana.

Below is the nineteenth weekly update on the status of proposed state privacy legislation in 2025. As always, the

Keypoint: Last week, the Colorado legislature passed an amendment to the state’s data privacy law, the Texas legislature passed a bill regulating app stores, and there were developments with bills in Connecticut, Maine, New York and South Carolina.

Below is the eighteenth weekly update on the status of proposed state privacy legislation in 2025. As

KeypointIn its second non-data broker enforcement action for violations of the CCPA, the California Privacy Protection Agency entered into a stipulated final order with a retailer for a $345,178 administrative fine and other remedial measures.

On May 6, 2025, the California Privacy Protection Agency (Agency) announced its second non-data broker enforcement action, requiring a national retailer to pay a $345,178 administrative fine and implement certain remedial actions for violations of the California Consumer Privacy Act (CCPA). The Agency’s enforcement action comes just two months after its first enforcement action in which it required a vehicle manufacturer to pay a $632,500 administrative fine and implement remedial actions. It also follows remarks from the Agency’s Deputy Director of Enforcement, Michael Macko, at last month’s IAPP Global Privacy Summit indicating that the Agency is enforcing CCPA violations across a wide range of industries.

In the below post, we provide an overview of the violations and penalties.

Keypoint: The Colorado legislature is considering significant amendments to the nation’s first algorithmic discrimination law.

On April 28, 2025, Colorado Senator Robert Rodriguez and Representative Brianna Titone introduced SB 318, which makes significant amendments to the Colorado AI Act (SB 205). The bill is currently pending in the Senate. The Colorado legislature closes Wednesday, May 7. In the below article, we provide an overview of the more significant proposed amendments.

In addition, because SB 318 is only a redline of the sections of the Colorado AI Act for which amendments were proposed, it does not show the changes in the full context of the existing law. We prepared a complete redline of the law, which is available to Byte Back AI subscribers here.