Key developments
Supreme Court tackles geofence warrants
The Supreme Court is set to hear arguments on whether geofence warrants used in a Virginia bank robbery investigation violate the Fourth Amendment. Police used a Google warrant to identify Okello Chatrie after pulling location data tied to millions of people near the bank; the 4th Circuit had ruled the warrant was not a search because users voluntarily share data with tech companies. The case asks whether Carpenter v. US requires probable cause before police can obtain highly precise location data from third-party platforms.
Why it matters
A ruling could set the national standard for law enforcement access to digital location histories.
Sources & driving stories
WISH-TV · Ashley Fowler
WISH-TV coverageCalPrivacy pushes back on SECURE Act
California's privacy agency urged Congress to reject the Republican-led SECURE Data Act, warning that its preemption language would wipe out rights under the California Consumer Privacy Act and Delete Act. In a Monday letter to the House Energy and Commerce Committee, CalPrivacy said the bill would weaken data-retention limits, let companies ignore some privacy requests and opt-out preference signals, and confine enforcement to the FTC and state attorneys general. The agency also said the proposal would erase California's deletion tool, which more than 280,000 residents have already used.
Why it matters
The fight shows whether Congress will create a federal privacy standard by rolling back stronger state protections.
Sources & driving stories
BLOOMBERG LAW · Cassandre Coyer
Bloomberg Law coverageMercor breach exposes biometric contractor data
A supply-chain attack on the open-source AI tool LiteLLM reportedly exposed 4 terabytes of Mercor contractor data, including voice samples, facial scans, passports, Social Security numbers, Slack chats and source code. WebProNews said the breach began March 27 after credential-stealing malware appeared in briefly available LiteLLM versions, and that attackers later posted stolen files on a leak site. By late April, at least seven class-action lawsuits had been filed in California and Texas over Mercor's handling of sensitive contractor data.
Why it matters
The incident shows how AI supply-chain failures can turn biometric and identity data into large-scale privacy exposure.
Sources & driving stories
WEBPRONEWS · Eric Hastings
WebProNews coverageWorth noting
WORTH NOTING
Coupang breach becomes trade dispute
South Korean lawmakers are objecting to U.S. pressure tied to a Coupang data-breach probe, showing how privacy incidents can spill into diplomatic conflict.
WORTH NOTING
GrayRobinson notifies 65,113 victims
The law and lobbying firm disclosed exposure of highly sensitive PII and PHI, adding another fresh breach disclosure to the day's privacy pipeline.
Still unclear
OPEN QUESTION
Will geofence warrants count as searches?
The Supreme Court's answer could determine how easily police can compel tech companies to hand over location histories.
OPEN QUESTION
Can a federal privacy law avoid preemption?
CalPrivacy's opposition raises the core question of whether Congress can pass national privacy rules without eliminating stronger state protections.