Another month into 2026 and the data privacy headlines keep coming! We also just released episode 30 of Privacy Lawls! This month, we interviewed Zane Witherspoon, where we discussed how to navigate privacy regulations as a data broker, including registration requirements, changes in legislation, and the future of data broker regulations. You can listen to the podcast episode here.
Table of Contents
What’s new in privacy?
Below are some of the most notable news in privacy from this month:
- UK privacy watchdog warns over AI-generated images. Britain’s privacy watchdog published a joint statement with dozens of international authorities on Monday, setting out concerns over images generated by AI which depict individuals without their consent. The ICO stated that they are particularly concerned about potential harms to children. Read more here.
- Disney to pay $2.75 million in privacy settlement. Disney has entered into a settlement agreement with the California Department of Justice to pay $2.75 million over alleged privacy violations. Attorney General Rob Bonta stated that the investigation found that Disney did not fully effectuate consumers’ requests to opt out of the sale or sharing of their personal information across all devices and streaming services linked to their Disney accounts. Learn more here.
- Ring’s AI feature raises privacy concerns. A recent ad for Ring’s new AI feature that played during the Super Bowl has sparked privacy concerns. Critics and legislators worry about the level of surveillance possible by accessing neighborhood cameras. Learn more here.
- U.S. Supreme Court to consider Video Privacy Protection Act case. The decision is supposed to address the definition of “consumer” under the VPPA. The case stems from a lower Court dismissal stating that a “consumer” is an individual who is a renter, purchaser, or subscriber of goods or services from a video tape service provider. Read more here.
- Increase in BIPA lawsuits due to AI note-taking software. A new wave of Illinois Biometric Information Privacy Act litigation alleges that AI-powered meeting transcription and note-taking tools violate the law. The class action lawsuits allege that these tools collect and store voiceprints, which are unique biometric identifiers, without providing written notice nor obtaining informed consent. Read more here.
- Denmark’s DPA warns school municipalities over using Google products. The DPA states that the municipalities must demonstrate that the data transfers to the US maintain a level of protection equivalent to that provided in the EU. Without those safeguards, the data flows could be considered unlawful. Learn more here.
- UK weighs VPN ban for children. The UK government will be considering age-restricting or limiting children’s use of VPNs as part of its efforts to strengthen safety online. The measures are aimed at tackling illegal content created by AI. Read more here.
- Reddit fined $20 million in the UK for children’s data privacy violations. The fine stems from an investigation that found that Reddit used children’s data unlawfully and potentially exposed them to harmful content. Read more here.
- EU investigates Shein under the Digital Services Act. The investigation will review Shein’s sale of illegal products and the platform’s allegedly addictive design. Learn more here.
California privacy activists call for removal of automated license plate readers. The activists call for the removal of these readers due to privacy concerns and the sharing of data with certain government entities such as the CBP. Read more here.
What privacy bills are we tracking?
As part of our service, we keep track of privacy bills that would affect the way Privacy Policies are written. Below is our most recent list of privacy bill proposals in the United States.
- Alaska – AK HB367;
- Illinois – IL SB52;
- Illinois – IL HB3041;
- Illinois – IL SB2875;
- Illinois – IL SB3220;
- Illinois – IL HB5221;
- Illinois – IL SB3548;
- Illinois – IL SB3890;
- Maine – ME HB1220;
- Massachusetts – MA SB33;
- Massachusetts – MA SB301;
- Massachusetts – MA SB2619;
- Massachusetts – MA HB4746;
- Michigan – MI SB359;
- New York – NY S4276;
- New York – NY AB5827;
- New York – NY AB974;
- New York – NY AB4947;
- New York – NY SB8524;
- North Carolina – NC – HB462;
- North Carolina – NC – SB757;
- Oklahoma – OK SB546;
- Pennsylvania – PA HB78;
- Pennsylvania – PA SB112;
- Vermont – VT H812;
- West Virginia – WV HB5123;
Events
Here are some great virtual events that you can attend to learn more about the hottest issues in privacy and meet other privacy professionals:
- Privacy in Financial Services – March 4, 2026;
- Digital Omnibus: What Proposals Mean for Data Protection – March 17;
- 2026 Information Security Committee Pre-RSAC Meeting – March 21.
Conclusion
Thank you for tuning in! We have several awesome guests coming up on Privacy Lawls for March and April. Be sure to subscribe to the podcast wherever you get your podcasts. We’ll be back next month with more headlines to keep you updated with the latest in privacy news.
