With eight states rolling out new privacy laws in 2025 and many more already on the books, businesses have never faced a more fragmented regulatory landscape. These laws will expand consumer rights, impose stricter data...more
On May 9, Maryland became the second state to enact an (AADC), the Maryland Kids Code, alongside the Maryland Online Data Privacy Act (MODPA) — Maryland’s first comprehensive data privacy bill. Maryland’s AADC follows...more
A recent spate of successful legal challenges has provided some relief from the ever-swelling wave of state privacy laws. The legal bases of these challenges vary, but taken together, they highlight that state privacy laws –...more
Texas Governor Greg Abbott signed into law the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023. With the passage of TDPSA, Texas becomes the tenth state to adopt a consumer data privacy law. TDPSA passed the...more
Much like the beginning of 2023, when two new state data privacy acts went into effect, the midpoint of 2023 will feature two more state data privacy acts coming onto the books. On July 1, 2023, the Colorado Privacy Act...more
In his State of the Union address on February 7, 2023, President Biden affirmed his position on consumer data privacy protections and specifically his focus on strengthening protections for children. With several state data...more
Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators. With new US state data protection laws taking...more
What is a data protection impact assessment (DPIA)? A data protection impact assessment or data protection assessment (DPIA) is a form of risk assessment that is designed to help organizations identify, analyze and...more