Keypoint: Last week, Oregon’s legislature passed a bill to amend the state’s consumer data privacy law, the Connecticut Senate passed two bills, and there were developments with bills in New Jersey, Nebraska, Texas, Massachusetts, and Louisiana.
Below is the nineteenth weekly update on the status of proposed state privacy legislation in 2025. As always, the contents provided below are time-sensitive and subject to change.
Table of Contents
- What’s New
- AI Bills
- Bill Tracker Chart
1. What’s New
The Connecticut Senate passed two bills last week. First, the Senate passed Senator Maroney’s SB 1356, which amends Connecticut’s existing consumer data privacy law. The Senate also passed SB 6857, which regulates social media companies.
On the other side of the country, the Oregon legislature passed a bill making a minor amendment to the state’s consumer data privacy law. HB 3875 amends the law’s applicability standard to provide that the law applies to any motor vehicle manufacturer and any affiliate of a motor vehicle manufacturer that controls or processes any personal data obtained from a consumer’s use of a motor vehicle or any component of a motor vehicle. Meanwhile, HB 2008, which also amends the state’s consumer data privacy law, received a do pass with amendments recommendation from the Senate Judiciary committee. That bill already passed the House.
In New Jersey, A 5017 advanced out of the Assembly Financial Institutions and Insurance committee. The bill amends the state’s consumer data privacy law to exempt national securities associations and adds a data level exemption for insurance fraud detection activities.
In Massachusetts, the Advanced Information Technology, the Internet and Cybersecurity committee advanced three bills to the Senate Ways and Means committee: S.2516 (consumer data privacy), S.43 (biometric privacy), and S.197 (sale of location data). Of note, S.2516 replaces three of the consumer data privacy bills we have been tracking.
Nebraska’s unicameral legislature passed LB 383 by a 46-3 vote. The bill addresses several different topics; however, as is relevant to our analysis, it enacts the Parental Rights in Social Media Act. As its name suggests, the bill regulates social media companies.
In Louisiana, HB 570 unanimously passed the House. The bill requires app store providers to verify user age.
In Texas, the legislature passed SB 2420 – the App Store Accountability Act. Meanwhile, the House Trade, Workforce & Economic Development committee favorably reported two bills that amend the state’s data broker law – SB 1343 and SB 2121. Both bills previously passed the Senate.
There was no movement last week with the numerous California bills we are tracking. Expect that to change in the coming weeks as June 6 is the deadline for bills to cross chambers. Only one of the bills we have been tracking – SB 361 (data brokers) – has crossed chambers to date.
Finally, the Alabama legislature closed without passing HB 283 (consumer data privacy). That bill had passed the House in April but never advanced in the Senate.
2. AI Bills
Our latest edition of Byte Back AI is now available to subscribers. Subscriptions start as low as $50/month. In this edition, we provide:
- Updates on new laws enacted in Arizona and South Carolina, and bills crossing chambers in Alaska, California, Connecticut, Oregon, and New York.
- A summary of Connecticut’s Senate floor hearing on SB 2.
- Our special feature of the week – a summary of the amended Connecticut SB 2.
- Our “three things to know this week.”
- An updated state AI bill tracker chart.
Click here for more information on paid subscriptions.
3. Bill Tracker Chart
For more information on all of the privacy bills introduced to date, including links to the bills, bill status, last action, and hearing dates, please see our bill tracker chart.