Lightnews — Scholar-powered news

DataGuidance @dataguidance.bsky.social · 18h

California: Bill on customer notification of data breaches signed by Governor.

The bill requires businesses to notify affected consumers of data breaches within 30 days and report to the AG within 15 days.

Read now: https://bit.ly/3IWJXT8

DataGuidance

Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world

bit.ly

DataGuidance @dataguidance.bsky.social · 20h

Pennsylvania: Act amending Breach Act passes House.

The bill updates definitions of personal information and electronic notices, introduces remedies and penalties for violations.

Learn more: https://bit.ly/3Kves3b

DataGuidance

Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world

bit.ly

DataGuidance @dataguidance.bsky.social · 21h

International: OECD publishes paper on mapping data collection mechanism for #AI training.

The paper introduces a taxonomy of how data is sourced, from direct user input to third-party providers.

Learn more: https://bit.ly/4mPU8XC

1 1

DataGuidance @dataguidance.bsky.social · 22h

USA: Subpart J of Executive Order 14117 enters into effect.

Subpart J of Executive Order 14117 requires entities involved in restricted data transactions to establish certified compliance programs.

Check it out: https://bit.ly/48iqXsG

1

DataGuidance @dataguidance.bsky.social · 1d

USA: CAISI evaluation of DeepSeek AI finds cybersecurity risks

NIST's AI center found #DeepSeek's models highly likely to follow malicious instructions, including phishing, malware use, and credential theft.

Check it out: https://bit.ly/46Apuwt

DataGuidance @dataguidance.bsky.social · 1d

New York: AG reminds social media companies of obligations under the Stop Hiding Hate Act.

New York's Stop Hiding Hate Act requires social media companies to report content moderation data biannually.

Read now: https://bit.ly/4nwmaIH

DataGuidance @dataguidance.bsky.social · 1d

USA: Bill for AI LEAD Act referred to Committee.

The AI LEAD Act proposes civil liability for AI developers and deployers who cause harm through unsafe design, misuse, or inadequate warnings.

Learn more: https://bit.ly/488IQKl

DataGuidance @dataguidance.bsky.social · 1d

USA: DOJ file lawsuit against Iconic Hearts for #COPPA violations.

The DOJ sued Iconic Hearts for violating COPPA, the FTC Act, and ROSCA by mishandling children's data and using deceptive marketing.

Read now: https://bit.ly/3IDLvBr

DataGuidance @dataguidance.bsky.social · 4d

USA: DOJ file lawsuit against Iconic Hearts for COPPA violations.

The DOJ sued Iconic Hearts for violating #COPPA, the #FTC Act, and ROSCA by mishandling children's data and using deceptive marketing.

Read now: https://bit.ly/3IDLvBr

DataGuidance

Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world

bit.ly

DataGuidance @dataguidance.bsky.social · 5d

Montana: Act to revise privacy laws related to biometric, genetic, and neural data enters into effect.

Learn more: https://bit.ly/3WgrPXo

DataGuidance @dataguidance.bsky.social · 5d

Colorado: Act amending CPA to address minors protection enters into effect.

Colorado strengthens online privacy for minors, banning targeted ads and manipulative design, requiring consent and risk assessments.

Read on: https://bit.ly/3IKZxRM

DataGuidance @dataguidance.bsky.social · 5d

California: Regulations protecting against AI employment discrimination enter into effect.

The regulations clarify that using AI or automated decision systems in hiring and employment must not discriminate against protected groups.

Learn more: https://bit.ly/46PCM74

1

DataGuidance @dataguidance.bsky.social · 5d

USA: FTC issues a proposed order for $1 million against Citizens Disability for telemarketing violations.

The FTC reached a settlement with Citizens Disability over unlawful robocalls, misrepresentations, and Do Not Call violations.

Check it out: https://bit.ly/46B7nqo

DataGuidance @dataguidance.bsky.social · 5d

Montana: Act to revise privacy laws enters into effect.

Montana's new privacy law strengthens minors' protections, expands consumer rights, and speeds up enforcement.

Read now: https://bit.ly/46Ih6LD

DataGuidance

Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world

bit.ly

DataGuidance @dataguidance.bsky.social · 6d

USA: HHS reaches $182,000 settlement with Cadia for disclosure of medical data.

HHS OCR reached a settlement with Cadia Rehabilitation for improperly disclosing patient health information on social media.

Learn more: https://bit.ly/4mLmG4v

DataGuidance @dataguidance.bsky.social · 6d

UK: NCSC publishes guidance on understanding OT environments.

The guidance from the UK's NCSC outlines how organizations can create and maintain a definitive record of their OT environments.

Read on: https://bit.ly/4mLmlyL

DataGuidance @dataguidance.bsky.social · 6d

Ecuador: SPDP publishes draft regulation on data transfers.

The SPDP released a draft regulation on national and international personal data transfers, detailing safeguards, authorization procedures, and reporting obligations.

Learn more: https://bit.ly/4nSjrsS

DataGuidance @dataguidance.bsky.social · 6d

California: CPPA fines Tractor Supply Company $1.35M for CCPA violations.

The company must update policies, contracts, and procedures to ensure compliance and strengthen consumer privacy protections.

Check it out: https://bit.ly/486vU7P

DataGuidance @dataguidance.bsky.social · 6d

Maryland: MODPA takes effect.

MODPA takes effect October 1, 2025, giving consumers new rights and imposing data protection rules and penalties on businesses handling residents' personal data.

Read now: https://bit.ly/4mNbXXc

DataGuidance

Essential Privacy and Regulatory Research at Your Fingertips. Find everything you need to stay up-to-date on evolving privacy & security regulations around the world

bit.ly

DataGuidance @dataguidance.bsky.social · 7d

Italy: AI Law published in Official Gazette.

Italy's new AI Law aligns AI use with GDPR and national privacy rules, sets sector-specific obligations, and establishes a National AI Strategy under AgID and CAN.

Learn more: https://bit.ly/4mLa9Oq

DataGuidance @dataguidance.bsky.social · 7d

Czechia: MIT introduces draft law on AI.

The law sets supervisory authorities, establishes a regulatory sandbox, and outlines enforcement mechanisms, aiming to take effect in 2026.

Read on: https://bit.ly/4pJy9nX

DataGuidance @dataguidance.bsky.social · 7d

USA: FTC takes action against Sendit App over unlawful collection of personal data.

The FTC took action against Sendit app for unlawfully collecting children's data and using deceptive practices to sell premium subscriptions.

Learn more: https://bit.ly/3KuWf5C

DataGuidance @dataguidance.bsky.social · 7d

California: Bill on health and location data privacy signed by Governor.

California's new Health Data Privacy Act bans geofencing around health providers and restricts the collection or use of personal data near family planning centers.

Check it out: https://bit.ly/3IKdkb5

DataGuidance @dataguidance.bsky.social · 7d

California: Transparency in Frontier Artificial Intelligence Act signed by Governor.

California's new Transparency in Frontier AI Act requires large AI developers to publish frameworks and reports on risk, safety, and governance.

Read now: https://bit.ly/4mKNNfP

DataGuidance @dataguidance.bsky.social · 8d

Croatia: AZOP presents 2024 annual report to Parliament.

The report highlights record GDPR enforcement in 2024, with AZOP issuing 38 fines totaling €536,200 and 168 corrective measures.

Learn more: https://bit.ly/3KnJdHb