Federal District Court Dismisses VPPA Case, Ruling Apartments.com "Not a Videotape Business"

October 24, 2025 in Personal Data, Data Privacy

On Monday, October 20, 2025, the Eastern District of Missouri dismissed a proposed class action based on the federal Video Privacy Protection Act ("VPPA") against CoStar, the company behind apartments.com. It isn't clear at this point whether the plaintiff will appeal.

California Passes Law on AI Companion Chatbot Safety

October 17, 2025 in Artificial Intelligence, Data Privacy, GenAI, Kid's Online Privacy, State Legislation, Technology Law

By Clara De Abreu E Souza

On Oct. 13, 2025, California Governor Gavin Newsom signed into law Senate Bill 243 – Companion Chatbots. SB 243, authored by Senator Steve Padilla, requires operators of companion chatbot platforms to notify users that the chatbot is AI, provide specific disclosures to minors, and restrict harmful content. The law also includes a private right of action.

California Passes Digital Age-Assurance Act Into Law

October 16, 2025 in CCPA, COPPA, Data Privacy, Hintze Law Blog Series, Kid's Online Privacy, State Legislation, Online Advertising

By Hansenard Piou

On October 13th, 2025, Governor Newsom signed the Digital Age Assurance Act (AB 1043) into law. Introduced by co-authors Assembly Member Buffy Wicks and Senator Tom Umberg, the law establishes age-assurance requirements for computer and mobile operating system providers and app stores as well as app developers with an aim to protect children’s online safety. The Digital Age Assurance Act enters into effect on January 1, 2027.

California’s Social Media Account Cancellation Act Signed into Law

October 14, 2025 in CCPA, Data Privacy, State Legislation, Personal Data

By Clara De Abreu E Souza

On October 8, 2025, California Governor Gavin Newsom signed into law Assembly Bill 656 — Account Cancellation. AB 656, authored by Assembly member Pilar Schiavo, focuses on social media platforms and requires them to provide users with a clear and accessible way to delete their accounts. This action must also trigger the complete deletion of the user’s personal data.

California Further Amends its Data Broker Registration Law

October 13, 2025 in Data Privacy, State Legislation

By Hansenard Piou

On October 8, 2025, Governor Gavin Newsom signed SB 361 into law. Introduced by Senator Josh Becker, the bill amends California’s Data Broker Registration Law (and amendments to the law under the Delete Act) with additional disclosure requirements for data brokers.

What is “Bulk U.S. Sensitive Personal Data”?

October 10, 2025 in Data Privacy, DOJ, Hintze Law Blog Series

By Emily Litka

This is the second in a series of blog posts about the DOJ Rule regarding Access To U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons (the “DOJ Rule”). It provides an overview of one of the categories of data that is in scope under the DOJ Rule: bulk U.S. sensitive personal data.

Does the DOJ Rule Apply?

September 30, 2025 in Data Privacy, DOJ, Hintze Law Blog Series

By Hansenard Piou and Sam Castic

This is the first in a series of blog posts about the DOJ Rule regarding Access To U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons (the “DOJ Rule”). It provides a high-level overview of the kinds of cross-border data transfers that are regulated by the DOJ Rule. Future blog posts will more closely examine the DOJ Rule, its requirements, potential impacts, and strategies to address compliance.