Data Privacy News and Updates for June

Time to get caught up on all things privacy!

This month, on Privacy Lawls, we interviewed privacy attorney Shannon Ralich on how consumers can best protect their privacy online. You can listen to the episode here.

What’s new in privacy? 

Below are some of the most notable news in privacy from this month: 

1. Google to pay Texas $1.38 billion in privacy settlement. The settlement stems from a lawsuit initiated by the Texas Attorney General in 2022, which accused Google of illegally tracking and gathering the private information of residents of Texas, including incognito search activities, geolocation, and biometric data. Read more here. 
2. Montana passes an update to its privacy law. The Governor of Montana signed Montana SB287 into law, amending the Montana Consumer Data Privacy Act. The changes include the lowering of the amount of personal data that companies need to collect for the law to apply, changes to opt-out rights, changes to the disclosure of information by businesses in response to a consumer privacy rights request, Privacy Policy changes and enforcement changes. If you are currently a Termageddon customer, we will update your policies prior to the effective date of these changes. Learn more here.
3.  Dating app exposes sensitive user data. A recent investigation by TechCrunch found that the dating app “Raw” may be exposing sensitive data. TechCrunch found that anyone could obtain information from a profile by accessing the app’s API in a browser if they have the 11-digit user ID. The dating app has plans to release a wearable device with sensors that read vital signs and has an audio tracker as well, prompting serious privacy concerns. Read more here. 
4. TikTok fined $600 million for data transfers to China. Ireland’s Data Protection Authority has fined TikTok due to violations of GDPR caused by the company transferring data to China, which put users at risk of spying. The DPA stated that TikTok failed to verify and guarantee that EU users would be afforded a level of protection that is equivalent to that provided in the EU. Learn more here. 
5. CPPA fines data broker. The California Privacy Protection Agency has fined a Florida-based data broker Jerico Pictures, Inc. $46,000. The fine stems from the company failing to register as a data broker in California’s Data Broker Registry. Read more here. 
6. Proposed GDPR changes promise easier compliance. The proposal to change certain provisions of GDPR may make compliance easier for businesses. The proposal would change the data processing record keeping requirement to apply to enterprises with less than 750 employees and those that engage in processing activities that result in a high risk to data subjects’ rights and freedoms or where special category data is processed. The proposal also includes reforms on data protection codes of conduct and certification mechanisms. Read more here. 
7. Dior confirms data breach. The fashion giant Dior has confirmed a data breach after experiencing a cyber attack that resulted in unauthorized access to its IT systems. The breached data includes contact information, purchase data and preference data, which could include names, genders, contact information and purchase history. Read more here. 
8. 39% of Americans want to ban biometric use. In a recent study by the Identity Theft Resource Center titled the Biometric Consumer Attitude Report, 63% of Americans stated that they had serious concerns about providing their biometrics to verify their identity online and 39% stated that biometric technology should be banned. Learn more here. 
9. Connecticut lawmakers seek to protect connected vehicle data. Connecticut’s lawmakers are seeking to pass a bill that would include data collected by connected vehicles in the state’s privacy law. In addition, the lawmakers are also considering a one-stop shop mechanism that would allow Connecticut residents to delete their personal data held by data brokers through a single request, instead of having to contact each data broker individually. Read more here. 
10. Study finds that web browsers are hungry for data. A study by Surfshark analysed 10 popular browsers to see the amount of data that they collect. Chrome was found to be the most data-hungry, collecting 20 different data types. The study found that 40% of the analyzed browsers collect users’ locations, and that TOR stood out as the most privacy-friendly browser. Read more here. 

What privacy bills are we tracking? 

As part of our service, we keep track of privacy bills that would affect the way Privacy Policies are written. Below is our most recent list of privacy bill proposals in the United States. You can access the privacy bill tracker any time on our blog.

• Georgia – GA SB111;
• Hawaii – HI SB1037;
• Illinois – IL HB3385;
• Illinois – IL SB3517;
• Illinois – IL SB52;
• Illinois – IL HB3041;
• Maine – ME HB710/HB1088;
• Maine – ME HB799;
• Maine – ME HB1220;
• Massachusetts – MA SB33;
• Massachusetts – MA HB104;
• New York – NY S2277;
• New York – NY SB365;
• New York – NY SB3162;
• New York – NY AB4374;
• North Carolina – NC – HB462;
• North Carolina – NC – SB757;
• Oklahoma – OK H1012;
• Pennsylvania – PA HB78;
• Pennsylvania – PA SB112;
• Vermont – HB208;
• Vermont – SB93; and
• West Virginia HB2953

Events

Here are some great virtual events that you can attend to learn more about the hottest issues in privacy and meet other privacy professionals: 

1. GDPR compliance: key lessons and evolving challenges seven years on – June 4, 2025;
2. Privacy enhancing technologies – June 5, 2025;
3. Tracking technologies in healthcare – July 17, 2025.

Conclusion

You’re all caught up! We will be back next month with more privacy-related news and stories. In the meantime, feel free to catch up on all 22 episodes of Privacy Lawls.