In 2018, California enacted the California Consumer Privacy Act (“CCPA”), the first state-level “omnibus” privacy law, which imposes broad obligations on businesses to provide state residents with transparency and control of their personal data. This year, Maine and Nevada have followed suit and passed legislation focused on consumer privacy, and Pennsylvania has a consumer privacy bill currently under legislative review. Other states in which US companies do business saw similar legislation, such as Hawaii, Illinois, Massachusetts, Mississippi, New Mexico, New York, Rhode Island, Texas, and Washington. However, those state bills did not pass this year. Nonetheless, companies should consider that those state bills could be reintroduced and garner support should privacy become a hot topic for state residents and the US generally going forward.
The chart, which can be accessed above, provides a high-level summary of the new state privacy laws that have been enacted, and it also summarizes the Pennsylvania bill, which, if signed into law, will become effective immediately. We will provide updates regarding the Pennsylvania bill as they become available, and we will continue to track state-level consumer privacy legislative efforts. If you have any questions, please do not hesitate to reach out to the Contact Partners listed.
