Blog

New Jersey enacts comprehensive privacy law

Julie Rubash, General Counsel and Chief Privacy Officer
January 15, 2024

Want to receive these weekly privacy recaps in your inbox? Sign up for our privacy newsletter, A Little Privacy, Please.

USA

New Jersey Enacts Comprehensive Privacy Law

New Jersey S332 passed both houses of the state’s legislature and was signed by the governor, making New Jersey the thirteenth state to pass a comprehensive privacy law.

The law will go into effect January 16, 2025. 

TAKEAWAY

The New Jersey law mostly borrows and combines elements from several existing state privacy laws, but it may uniquely impact certain sectors.

For example, the definition of “sensitive data” (which requires prior consent) includes certain financial information (although entities and data regulated by the Gramm-Leach-Bliley Act are exempt).

Additionally, although data regulated by HIPAA is exempt, entities regulated by HIPAA are not exempt, meaning that they must comply with respect to any non-HIPAA regulated data.

There is also no exemption for nonprofit organizations. 

Read more:

Guide to US State Privacy Laws

Comparing U.S. state privacy laws: Sensitive Data

Hearst VPPA Class Action Overcomes Motion to Dismiss

A Massachusetts District Court judge held (case 1:23-cv-10998-RGS) that a class action against Hearst Television adequately pled violations of the Video Privacy Protection Act based on allegations that Hearst disclosed identifiable video viewing records with third parties through integration with Braze and Doubleclick APIs on Hearst’s local news apps.

TAKEAWAY

Notably, the district judge held that the plaintiff’s provision of her email address and agreement to enable geolocation services and push notifications when she downloaded the app was sufficient consideration for her to constitute a “subscriber” under the VPPA.

The judge also held that Hearst’s receipt of analytics allowing it to provide advertisements to specific users was sufficient to demonstrate that Hearst knew it was collecting data from users that identified personalized information about them, and that the application of the VPPA in this context does not violate the First Amendment. 

Read more:

Mitigating risk under the Video Privacy Protection Act (VPPA)

VPPA class actions continue, with more targeted approach

EUROPE

noyb Strikes at Meta’s Pay or Ok Model From a Different Angle

Advocacy group noyb announced a second complaint filed with the Austrian data protection authority against Meta’s new paid subscription model offered by Meta as an alternative to consenting to personalised ads on Facebook and Instragram.

This time, noyb alleges that, by requiring users to buy an annual subscription as a condition of withdrawing consent, Meta is violating the GDPR by not making it as easy to withdraw as to give consent.  

TAKEAWAY

noyb‘s previous complaint, filed in December 2023, alleged that Meta’s new subscription model violates GDPR by not obtaining consent that is “freely given”, arguing that the subscription fee of up to €251.88 / year for access to both platforms is out of proportion with Meta’s estimated €62,88 / year annual revenue per user in Europe.

Read more:

noyb alleges Meta subscription model violates GDPR

Want more of the privacy highlights that matter to adtech and martech? Sign up for our privacy newsletter, A Little Privacy, Please.

A Little Privacy, Please weekly recaps are provided for general, informational purposes only, do not constitute legal advice, and should not be relied upon for legal decision-making. Please consult an attorney to determine how legal updates may impact you or your business.

Latest Blog Posts

CPPA Settles With Unregistered Data Brokers

November 18, 2024

Following an investigative sweep of unregistered data brokers, the...

Paramount Hit With VPPA Class Action

November 5, 2024

A class action complaint was filed in NY alleging...

Noyb Complaint Alleges Pinterest Personalized Advertising Violates GDPR

October 28, 2024

Noyb Complaint Alleges Pinterest Personalized Advertising Violates GDPR

Latest White Papers

E-book: Enterprise Guide To Cookie management & Tracker List Curation

July 1, 2024

How to review the tracking tech on your websites...

Benchmark Report: US Privacy Compliance

August 19, 2022

The current state of publisher compliance with CCPA, and...

Keep in touch

Sign up for our newsletter to keep up with privacy news for adtech and martech,
plus occasional company news.

Let's explore what we can do together.

We'll be in touch within 48 hours

[contact-form-7 id="593" title="Schedule a Demo"]