To print this article, all you need is to be registered or login on Mondaq.com.
Throughout the month of March, states continued to introduce new
privacy laws of their own as Congress focused on enacting President
Biden s $1.9 trillion COVID-19 relief plan H.R. 1319, the American Rescue Plan Act of
2021 which President Biden signed into law on March 11.
The last month notably featured several key developments in
California, as the state announced the establishment of the
five-member inaugural board for the California Privacy Protection
Agency (CPPA), a new administrative agency created by the
California Privacy Rights Act (CPRA) and charged with implementing
To embed, copy and paste the code into your website or blog:
On March 2, 2021, Governor Northam signed into law Virginia’s own Consumer Data Protection Act (“Virginia CDPA” or the “Act”), a bill that brings together concepts from the EU’s General Data Protection Regulation (GDPR) as well as the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). It is the first of its kind legislation on the East Coast. The law will go into effect on January 1, 2023.
The drafters of the Virginia CDPA appear to have benefited from observing the pitfalls and problems that arose in the development and implementation of both GDPR and CCPA. The Virginia bill deftly avoids several of those by incorporating narrower, more tailored definitions that clearly exclude categories of data and businesses over which there was (and continues to be) some confusion with respect to both the EU/UK and California compliance regimes. It also adopts, in concept, the framework