In this edition of AdGuard’s digest: California residents will be able to request all data brokers to delete their data at once, TikTok is accused of being as addictive as gambling, Amazon launches a surveillance-friendly competition, US officials are found to be illegally spying on Americans (again), Google facilitates browsing history deletion.

One click to delete: New law allows Californians to remove all their data from data brokers

Californians will be able to force all data brokers at once to wipe off their personal data with a single request starting from January 1, 2026. The fittingly named “Delete Act” bill requires the state privacy protection agency to set up an “accessible deletion mechanism” that will enable users to request “that every data broker that maintains any personal information delete any personal information related to that consumer held by the data broker or associated service provider or contractor.”

Applicable data brokers will have to check for deletion requests at least once every 45 days. The user has to make only one deletion request, and the data broker will have to keep deleting their information every 45 days, even if the user does not make further requests. And while data brokers will still be able to collect user data for those 45 days, they are prohibited from selling or sharing it with any third parties.

As the Verge points out, Californias could already request data brokers to delete their data, but they had to appeal to them one by one — a daunting task, by any account. The new law simplifies the process, and is great news for privacy-conscious users. It also cements the status of California as the US’s most forward-looking state in terms of privacy, which it once earned by passing The California Consumer Privacy Act (CCPA), and we can only hope others will follow its example.

US state says TikTok is akin to addictive ‘slot machine’ for kids

Utah has filed a lawsuit against TikTok, taking aim at the social network’s recommendation algorithms. The state’s attorney general argued that TikTok’s algorithms “spoon-feed kids endless, highly curated content” and likened them to a “cruel slot machine that hooks kid’s attention and doesn’t let go.”

TikTok, owned by China-based ByteDance, has come under increasing pressure in the US for its origins, but also for its alleged harmful influence on children, perhaps best exemplified by the dangerous challenges apparently promoted by its algorithms. The debate over the alleged dangers of TikTok and social media in general has sparked a wave of so-called “social media ID laws,” which require social media to verify the age of their users, including by forcing them to produce their digital ID. In March this year, Utah became the first state in the US to pass such an age verification law. Under the law, users under 18 will need parental consent to sign up for social media.

We have already discussed the potential pitfalls of age-verification laws sweeping the US in our blog. In short, they have the noble goal of protecting children, but they threaten the privacy and security of users of all ages by necessitating the collection of users’ most sensitive information.

Amazon wants you to spy on your neighbors and calls it ‘UFO hunting’

Amazon’s security camera brand, Ring, is encouraging customers in the US to send in videos captured by either their indoor or outdoor cameras… that show aliens. Yes, you heard that right. The customers whose videos contain “scientific evidence of the extraterrestrial” are eligible for the grand prize of $1 million.

However, the rules of the contest, as Vice points out, suggest that Ring does not actually plan to award the prize. The rules state that the “scientific evidence” must “unequivocally rule out any known explanations or any new Earth-based phenomena as an explanation.” A pretty tough, if not impossible, criterion to meet, if you ask us. However, Ring says that if you fake an alien sighting in convincing enough fashion, you could win a $500 Amazon gift card for “extraordinary creativity.”

The contest is timed to Halloween, and we don’t want to spoil the mood, but it’s hard to disagree with Vice that what Amazon is doing here is “cashing in on the UFO craze to promote its surveillance dystopia.” Ring has already been embroiled in several controversies, including when it was revealed that any Amazon employee could view and download every single Ring customer video. And while the competition may seem like fun, it normalizes sharing your private information for free with big tech giants. And who knows what they might do with the data you share. So, thanks, Ring, but we’ll rather pass.

New report, but same old tale: US officials revealed to have illegally spied on users

A new report has revealed that US law enforcement agencies, including US Customs and Border Protection (CBP), US Immigration and Customs Enforcement (ICE), and the Secret Service, failed to conduct mandatory privacy assessments when they purchased Americans’ location data in bulk from data brokers.

The report, released in late September, says the agencies violated federal law in obtaining the so-called Commercial Telemetry Data, or CTD (a law enforcement term for the location data they bought from third parties). In particular, they apparently decided not to waste time conducting reviews to see if the privacy risks from buying the data were proportionate and could be mitigated in some way. It does not take much imagination to see what this lack of oversight could lead to. In one particularly egregious case cited in the report, a CBP officer used access to location data to track his co-workers without any legal need to do so.

Source: CBP, ICE, and Secret Service Did Not Adhere to Privacy Policies or Develop Sufficient Policies Before Procuring and Using Commercial Telemetry Data

The report is alarming, but not surprising. The fact that US law enforcement agencies are exploiting a legal loophole to buy Americans’ data has long been an open secret. Earlier this year, CBP promised to stop buying smartphone location data — and we believe that public pressure and extensive media coverage of the practice were partly responsible for this move. At the same time, the practice has not completely stopped. According to 404 Media, ICE says it will continue to buy commercially-sourced location data despite recommendations to stop. So, unless laws are passed that expressly prohibit such practices under threat of severe punishment, it will likely continue unabated, if not in the open, then behind closed doors.

Google makes it easier to erase your most recent browsing history

Google has given Android users an option to clear the last 15 minutes of their browsing history. Before they could only delete their browsing data for the last hour. While this new control option is hailed by Google as yet another way to protect your privacy, do not get your hopes up. The catch is Google will still keep your search history and “other Google activity” data, which you will have to delete separately.

The new deletion option still gives you more control over your data. When you use it, it will remove the web addresses of the pages that you’re visited from the History page and shortcuts to those pages from the Tab page. It will also stop showing you predictions to those websites in your address bar.

The new option may come in handy in situations when you don’t want to wipe off an hour’s worth of data, but only your latest searches, and as quickly as possible. Everyone can think of their own reasons to do that (wink-wink). One of these will be, for example, if you share your device with someone else, and don’t want them to see your most recent searches. But overall, it won’t make a big difference for your privacy.