Share This Post

A Bill for an American Privacy Rights Act has been unveiled. If enacted, this would be a national data privacy standard. The Bill as currently drafted includes requirements for data minimization, marketing rights (opt-out), individuals rights such as right of access, right of accuracy and right to erasure. The Bill also includes data security provisions and “executive responsibility” and a national data broker register. Difficult to say at this point what impact, if any, this would have on businesses operating from UK in the US.

Currently, US data privacy laws are implemented on a state-by-state basis. Most are based on the CCPA in California but tend to apply to organisations that may operate in the state even if they are not based there; there are usually thresholds for applicability involving a consideration of what the data is used for, how many data subjects it relates to as well as a financial turnover of the organization.

 

Here’s a summary of the current state of US State data privacy laws:

  • California Consumer Privacy Act (CCPA) – in force since Jan20
  • Colorado Privacy Act – in force from Jul23
  • Connecticut Personal Data Privacy and Online Monitoring Act – in force from Jul23
  • Delaware Personal Data Privacy Act – comes into force Jan25
  • Florida Digital Bill of Rights – comes into force Jan24
  • Indiana Consumer Data Protection Act – comes into force Jan26
  • Iowa Consumer Data Protection Act – comes into force Jan25
  • Kentucky Consumer Data Protection Act – comes into force Jan26
  • Maryland Online Data Privacy Act – comes into force Oct25
  • Minnesota Consumer Data Privacy Act – comes into force Jul25
  • Montana Consumer Data Privacy Act – comes into force Oct24
  • Nebraska Data Privacy Act – comes into force Jan25
  • New Hampshire (SB 255 – Expectation of Privacy) – comes into force Jan25
  • New Jersey – comes into force Jan25
  • Oregon Act on consumer personal data protection – comes into force Jul24
  • Tennessee Information Protection Act (TIPA) – comes into force Jul24
  • Texas Data Privacy and Security Act – comes into force Jul24
  • Utah Consumer Privacy Act – comes into force Dec23
  • Virginia Consumer Data Protection Act – in force since Jan23

If you provide services and meet the thresholds in any of the states highlighted in bold above, you should check whether the law applies to your business and if so, consider the compliance implications (e.g. you may need to update your privacy policy for state specific privacy controls).

More To Explore

GDPR & AI

The key message from the ICO regarding the use of AI is not to forget if AI is processing personal data, then you need to

Read More »

Eat. Sleep. GDPR. Repeat.

We live and breathe GDPR and ePrivacy compliance, so you don’t have too. Our GDPR UNLIMITED helpline is all about offering you help and support, whenever you need it most. As well as the unlimited helpline, you get up to 4 hours “hands-on” help each month, which we can configure to help you in anyway you need such as a GDPR review, or acting as your DPO.

As well as the unlimited helpline and hands-on help you get GDPR and privacy updates, access to our GDPR knowledge centre and webinars.

Unlimited email & phone support

Unlimited email and phone support. Email or organise a voice call as often as you need each month.​

Up to 4 hours "hands-on" help per month

We use these "hands-on" hours to do the GDPR work for you, such as reviews, acting as your DPO, checking DPIA, dealing with breaches, training your staff, etc. (Additional hours: £100+VAT per hour)

Online resources

Our Knowledge Centre gives you access to information, guidance, topic related guides and other tools to support your GDPR and PECR compliance

Updates, alerts & briefings

We provide updates and alerts and a monthly compliance briefing. You can either sign into the Knowledge Centre or sign up via email to receive an email every time we add a new update or alert

DPO services

Whether mandated or not we can act as your Data Protection Officer (DPO) and manage your day to day compliance

Webinars, workshops & training

Whether updates on the latest issue, workshops or team training, it's all included in your monthly retainer.

LIKE WHAT YOU'RE READING? join our email list

Sign up for monthly briefings and the occasional emails about our webinars and services

Want to know more about how we use your data? Check out our privacy policy