- Scope and Applicability. OKDPA applies to controllers and processors that conduct business in Oklahoma or target Oklahoma residents and annually either (a)
State Lawmakers Introduce New Wave of Personalized Algorithmic Pricing Bills
U.S. state lawmakers have introduced more than 40 bills across at least 24 states to regulate personalized algorithmic pricing in 2026 thus far, already outpacing the number of personalized algorithmic pricing bills introduced in all of 2025. While their definitions and scope vary, the 2026 bills broadly refer to “personalized
Continue Reading State Lawmakers Introduce New Wave of Personalized Algorithmic Pricing BillsCalPrivacy Fines PlayOn Sports for Insufficient Opt-Out Process
On February 27, 2026, CalPrivacy and PlayOn settled a CCPA claim for $1.1 million. PlayOn is a digital ticketing platform used by schools and other organizations for ticketing, streaming, fundraising, concessions, merchandise sales, and website management. The settlement resolves allegations that PlayOn unlawfully “sold” and “shared” users’ personal information without providing sufficient opt-outs and notice, in violation of the CCPA. This marks the agency’s first enforcement action involving students’ data privacy.
Continue Reading CalPrivacy Fines PlayOn Sports for Insufficient Opt-Out ProcessConnecticut Attorney General Releases 2025 CTDPA Enforcement Report
The Connecticut Office of the Attorney General (“OAG”) issued an updated Enforcement Report (“Enforcement Report”) under the Connecticut Data Privacy Act (“CTDPA”). The Enforcement Report discusses the OAG’s enforcement actions in 2025 and suggests some areas of focus from the regulator, summarized below.
Continue Reading Connecticut Attorney General Releases 2025 CTDPA Enforcement ReportCalPrivacy Announces $45,000 Fine Against Data Broker for Delete Act Violations
On January 8, 2026, the California Privacy Protection Agency (“CalPrivacy”) announced an enforcement action against Rickenbacher Data LLC (d/b/a “Datamasters”), an information reseller, for failing to register as a data broker under the California Delete Act. Datamasters agreed to pay a $45,000 administrative fine, among other remedial measures. In November, CalPrivacy launched a Data Broker Enforcement Strike Force within its enforcement division to investigate violations of the law in the data broker industry, which builds upon a 2024 investigative sweep into data broker compliance.
Continue Reading CalPrivacy Announces $45,000 Fine Against Data Broker for Delete Act ViolationsCalifornia AG Announces $1.4 Million Settlement with Mobile App Gaming Developer Over CCPA Violations
On November 21, 2025, California Attorney General Rob Bonta announced a $1.4 million settlement with Jam City, Inc. (“Jam City”), a mobile app gaming company, for alleged violations of the California Consumer Privacy Act (“CCPA”) and Unfair Competition Law (“UCL”). The Jam City settlement marks Attorney General Bonta’s sixth settlement obtained under the CCPA and reflects a continued focus on how businesses present opt-out rights mechanisms to California consumers, including minors.
Continue Reading California AG Announces $1.4 Million Settlement with Mobile App Gaming Developer Over CCPA ViolationsIndiana Attorney General Releases Data Consumer Bill of Rights
In advance of the Indiana Consumer Data Protection Act’s (“Act”) effective date on January 1, 2026, the Indiana Attorney General released a Data Consumer Bill of Rights (“Bill of Rights”) that summarizes the rights created in the Act.
Continue Reading Indiana Attorney General Releases Data Consumer Bill of RightsCalifornia Enacts New Privacy Laws
Recently, California Governor Gavin Newsom signed into law several privacy and related proposals, including new laws governing browser opt-out preference signals, social media account deletion, data brokers, reproductive and health services, age signals for app stores, social media “black box warning” labels for minors, and companion chatbots. This blog summarizes
Continue Reading California Enacts New Privacy LawsCalifornia Privacy Agency Fines Tractor Supply $1.35 Million Over CCPA Violations
On September 30, 2025, the California Privacy Protection Agency (“Agency”) announced a decision and $1.35 million fine to resolve allegations that Tractor Supply Co. (“Tractor Supply”) violated the California Consumer Privacy Act (“CCPA”). The settlement comes after the Agency filed a petition to enforce an investigative subpoena against Tractor Supply. In addition to imposing the Agency’s largest fine to date, the settlement also marks the Agency’s first enforcement action related to job applicant personal data. Similar to the enforcement actions against American Honda Motor Co., Inc. and Todd Snyder, Inc., the Agency continues to focus on how businesses facilitate consumer rights under the CCPA.
Continue Reading California Privacy Agency Fines Tractor Supply $1.35 Million Over CCPA ViolationsOregon DOJ Publishes Enforcement Report on the Oregon Consumer Privacy Act
On August 29, the Oregon Department of Justice (DOJ) issued an enforcement report and press release covering its first year of enforcement of the Oregon Consumer Privacy Act (OCPA). The OCPA took effect on July 1, 2024, and the cure period sunsets on January 1, 2026. We previously summarized some of requirements in the OCPA here. This blog summarizes notable takeaways from the enforcement report.
Continue Reading Oregon DOJ Publishes Enforcement Report on the Oregon Consumer Privacy Act