On April 12, at the International Association of Privacy Professionals’ global privacy conference, Colorado Attorney General Phil Weiser gave remarks on his office’s approach to the rulemaking and enforcement of the Colorado Privacy Act.
Continue Reading Colorado Attorney General Remarks on CPA Rulemaking
State Legislatures
Utah Legislature Passes Comprehensive Privacy Bill
Utah appears poised to be the next state with a comprehensive privacy law on its books, following California, Virginia, and Colorado. On March 2nd, the Utah House of Representatives voted unanimously to approve an amended version of the legislative proposal, and the Senate concurred with the House amendment on the following day. Formalities are now being completed to send the bill to Governor Spencer Cox for signature.
The Utah Consumer Privacy Act (“UCPA”) provides for consumer rights and responsibilities for controllers and processors. Although the bill generally tracks the comprehensive privacy law passed in Virginia last year, the VCDPA, there are some notable differences. Key provisions in the bill include the following:
Continue Reading Utah Legislature Passes Comprehensive Privacy Bill
State Legislative Trends to Watch in 2022
A new year means new state privacy bills introduced in states across the country. With two additional states joining California last year with the passage of the Virginia Consumer Data Protection Act and the Colorado Privacy Act, it is likely that more states will join the fray this year in creating a patchwork of comprehensive privacy laws in the United States.
While some states will have these bills under consideration well into the fall, the vast majority of state legislatures will adjourn by early June and thirteen will adjourn before the start of April.
During this early year sprint, there are five general trends that observers will want to keep an eye on in state legislatures.
Continue Reading State Legislative Trends to Watch in 2022
Review of U.S. State Law Developments in 2021
As we look ahead at 2022, we here provide a quick wrap-up of key developments for U.S. state privacy laws in the past year:
Continue Reading Review of U.S. State Law Developments in 2021
Reminders of Annual CCPA Updates
As the year comes to an end, consider whether your business is required to make an annual privacy policy update and share updated consumer metrics under the CCPA.
Continue Reading Reminders of Annual CCPA Updates
New York Requires Businesses To Notify Employees of Electronic Monitoring
On November 8, 2021, New York Governor Kathy Hochul signed a new electronic monitoring law (S2628) requiring New York businesses that monitor or intercept employees’ e-mails, telephone calls, or internet usage to notify employees in writing of these practices. The new law amends the state’s civil rights law and takes effect on May 7, 2022.
Continue Reading New York Requires Businesses To Notify Employees of Electronic Monitoring
Virginia Consumer Data Protection Act Work Group Issues Final Report
The Virginia Consumer Data Protection Act (“VCDPA”) Work Group has issued its 2021 Final Report. The final report, which is based on the six Work Group meetings between June and October 2021, summarizes information presented at the meetings on topics such as enforcement, definitions and rulemaking authority, as well as consumer rights and education. We summarize some of the comments below.
Continue Reading Virginia Consumer Data Protection Act Work Group Issues Final Report
Illinois Enacts Protecting Household Privacy Act
On August 27, 2021, Illinois Governor J.B. Pritzker signed into law the Protecting Household Privacy Act (“PHPA”). The law governs how, and under what conditions, Illinois law enforcement agencies may acquire and use data from household electronic devices, commonly referred to as “smart devices” or the “internet of things.” The…
Continue Reading Illinois Enacts Protecting Household Privacy Act
California Governor Signs Legislation to Expand Genetic Privacy Protections After Last Year’s Veto
On Wednesday, October 6th, Governor Gavin Newsom signed SB 41, the Genetic Information Privacy Act, which expands genetic privacy protections for consumers in California, including those interacting with direct-to-consumer (“DTC”) genetic testing companies. In a recent Inside Privacy blog post, our colleagues discussed SB 41 and the growing patchwork…
Continue Reading California Governor Signs Legislation to Expand Genetic Privacy Protections After Last Year’s Veto
Newly Effective Florida Law Imposing Criminal Sanctions Adds to Developing Nationwide Patchwork of State Genetic Privacy Laws
Last Friday, October 1, the Protecting DNA Privacy Act (HB 833), a new genetic privacy law, went into effect in the state of Florida establishing four new crimes related to the unlawful use of another person’s DNA. While the criminal penalties in HB 833 are notable, Florida is not alone in its focus on increased genetic privacy protections. A growing number of states, including Utah, Arizona, and California, have begun developing a net of genetic privacy protections to fill gaps in federal and other state legislation, often focused on the privacy practices of direct-to-consumer (“DTC”) genetic testing companies. While some processing of genetic information is covered by federal law, the existing patchwork of federal genetic privacy protections do not clearly cover all forms of genetic testing, including DTC genetic tests.
Continue Reading Newly Effective Florida Law Imposing Criminal Sanctions Adds to Developing Nationwide Patchwork of State Genetic Privacy Laws