Now that we have passed the halfway mark in 2025, we are taking a look back at significant developments that have already occurred this year in the consumer data privacy landscape. Five more states’ comprehensive privacy laws went into effect, and several states enacted noteworthy amendments to their existing statutes.
A Texas federal judge has voided a Biden Administration CFPB rule that would have prohibited medical debt in credit reports.
“The Bureau has no such power to define what in a consumer report is ‘permissible,’” Judge Sean D. Jordan of the Eastern District of Texas wrote. “Congress has defined the permissible purposes of a consumer report, and a creditor has a permissible purpose if it intends to use the report for a credit transaction.”
The Federal Deposit Insurance Corporation (FDIC) Board of Directors today approved a notice of proposed rulemaking to streamline the processes for the establishment and relocation of domestic branches and offices. The proposed rule is intended to improve the speed and certainty of, and reduce the regulatory burden associated with, the filing process under 12 CFR part 303 of the FDIC Rules and Regulations.
California Attorney General Rob Bonta announced on July 1, 2025 a $1.55 million settlement with Healthline Media LLC, marking the largest monetary penalty under the California Consumer Privacy Act to date. According to the state's Department of Justice investigation, the health information website violated consumer privacy rights by continuing to share personal data with advertisers even after users opted out of targeted advertising.
Acting Comptroller of the Currency Rodney E. Hood’s five-month tenure at the Office of the Comptroller of the Currency (OCC) was marked by measurable progress in strengthening the federal banking system, reducing regulatory burden, promoting financial inclusion, expanding bank activities involving digital assets and embracing bank-fintech partnerships.
.jpg)
.jpg)