News Summary:
New Jersey’s Assembly passed a narrower version of the Age Appropriate Design Code and amended the state's Data Privacy Act on July 7, 2026. These amendments prohibit the sale of sensitive data without consent, tighten consent revocation requirements, and establish a data broker framework applying to both upstream sellers and downstream brokers. Previously, on June 30, 2026, the California Invasion of Privacy Act (CIPA), a nearly 60-year-old phone-tapping law, became the most litigated privacy statute in the U.S., with many companies mistakenly believing CCPA compliance covered CIPA. This followed developments on June 16, 2026, when New York’s revised health privacy bill S9269 advanced to the Governor for signature, potentially giving regulated entities six months to prepare, while the UK’s Information Commissioner’s Office published finalized guidance for consumer IoT products, aiding organizations in meeting transparency and consent requirements. Earlier in June, the Texas App Store Accountability Act took effect on June 9, 2026, after an injunction was lifted, introducing new compliance obligations for app developers regarding age verification and parental consent, ahead of similar laws expected in Alabama, Utah, and Louisiana by mid-2027. Louisiana had previously enacted a comprehensive privacy law on May 26, 2026.
Subscribe for full access to Sourcepoint's profile