To embed, copy and paste the code into your website or blog:
We have long predicted that just as other states followed California in passing breach notification laws, states would follow in California’s footsteps in regulating information privacy practices with the California Consumer Privacy Act of 2018 (CCPA), which was later amended by the California Privacy Rights Act of 2020 (CPRA). [1] The Virginia state legislature recently became the first state to do so, surprising many with news that it quickly passed and signed into law comprehensive privacy legislation, namely the Virginia Consumer Data Protection Act (CDPA). Like the CCPA, Virginia’s CDPA builds on the Fair Information Privacy Principles (FIPP), making many of the lessons learned implementing the CCPA applicable here. The CDPA will take effect January 1, 2023.
To embed, copy and paste the code into your website or blog:
Virginia knocked off California’s crown as the only U.S. state to have a comprehensive, general consumer privacy law when Governor Ralph Northam signed the Virginia Consumer Data Protection Act (“
CDPA”) into law on March 2, 2021, unless you count Nevada which we warned you would stay in Vegas. The law takes effect on January 1, 2023, matching the effective date of the California Privacy Rights Act (“
CPRA”).
Here is what in-house counsel should do now to be well-positioned for compliance in 2023:
Figure out how many Virginians’ personal data your organization processes to determine whether the CDPA applies to your organization. As discussed below, the CDPA applies only to certain for-profit entities based on processing thresholds.
Florida state legislature is considering a sweeping data privacy bill giving consumers greater control over how their personal information is used while imposing greater restrictions on companies’ use of that data.
To embed, copy and paste the code into your website or blog:
On March 2, 2021, Governor Northam signed into law Virginia’s own Consumer Data Protection Act (“Virginia CDPA” or the “Act”), a bill that brings together concepts from the EU’s General Data Protection Regulation (GDPR) as well as the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). It is the first of its kind legislation on the East Coast. The law will go into effect on January 1, 2023.
The drafters of the Virginia CDPA appear to have benefited from observing the pitfalls and problems that arose in the development and implementation of both GDPR and CCPA. The Virginia bill deftly avoids several of those by incorporating narrower, more tailored definitions that clearly exclude categories of data and businesses over which there was (and continues to be) some confusion with respect to both the EU/UK and California compliance regimes. It also adopts, in concept, the framework
Virginia Governor Signs Nation s Second Comprehensive Consumer Data Privacy Law | Hudson Cook, LLP jdsupra.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from jdsupra.com Daily Mail and Mail on Sunday newspapers.