California Passes Digital Age-Assurance Act Into Law

October 16, 2025 in CCPA, COPPA, Data Privacy, Hintze Law Blog Series, Kid's Online Privacy, State Legislation, Online Advertising

By Hansenard Piou

On October 13th, 2025, Governor Newsom signed the Digital Age Assurance Act (AB 1043) into law. Introduced by co-authors Assembly Member Buffy Wicks and Senator Tom Umberg, the law establishes age-assurance requirements for computer and mobile operating system providers and app stores as well as app developers with an aim to protect children’s online safety. The Digital Age Assurance Act enters into effect on January 1, 2027.

California Opt Me Out Act Signed into Law

October 14, 2025 in Data Privacy, State Legislation, CCPA

By Cameron Cantrell

On October 8, 2025, California’s Governor Newsom signed AB 566—the California Opt Me Out Act—into law. The California Opt Me Out Act, using the same definitions as the CCPA, requires any business that develops or maintains an internet browser to build in an opt-out preference signal (“OOPS”) functionality. The law takes effect on January 1, 2027.

California Adopts Privacy, Cybersecurity, ADMT Regulations and Amendments

August 20, 2025 in CCPA, CPPA, Cybersecurity, Data Privacy, Artificial Intelligence, State Legislation

By Sam Castic

The California Privacy Protection Agency (CPPA) has adopted final regulations on privacy risk assessments, cybersecurity audits, and automated decisionmaking technology (ADMT), as well as amendments to existing CCPA regulations. Final publication of the regulations is pending review by the Office of Administrative Law, and depending on when that occurs, the regulations will likely take effect 10/1/2025 or 1/1/2026. Some key concepts from these regulations, and actions to consider, are below.

California’s Healthline.com Enforcement Action Shows CCPA’s Teeth – and Sensitive Data Reach

July 09, 2025 in CCPA, Data Privacy, Health + Biotech Privacy, State Legislation

By Mason Fitch and Kate Black

The California Attorney General’s Office (“OAG”) announced an enforcement action against Healthline.com on July 1 that marks a significant development in California Consumer Privacy Act (CCPA) enforcement. This action, accompanied by the largest fine under CCPA yet at $1.55 million, highlights critical areas of consideration for any company engaging in the advertising ecosystem as well as any company that processes sensitive personal information.

California Enacts "genAI" Laws That Introduce New Privacy and Transparency Requirements, Amongst Others

October 08, 2024 in CCPA, Cybersecurity

By Emily Litka

In September 2024, California Governor Gavin Newsome signed a number of new generative AI (“genAI”) bills into law. These laws address risks associated with deepfakes, training dataset transparency, use of genAI in healthcare settings, privacy, and AI literacy in schools. California is the first US state to enact such sweeping genAI regulations.