To embed, copy and paste the code into your website or blog:
On March 2, Virginia passed HB 2307 (Ch. 36) to enact the Consumer Data Protection Act (VCDPA), which becomes effective Jan. 1, 2023. The privacy concepts included in this act are similar to those found in the California Consumer Privacy Act (“CCPA”)/California Privacy Rights Act (“CPRA”) or General Data Protection Regulation (“GDPR”) and uses similarly defined terms such as “consumer,” “controller,” “processor,” and “personal data;” however, the VCDPA puts its own spin on privacy regulation.
Unlike the CCPA/CPRA or the GDPR, the jurisdictional scope of the VCDPA is more limited. The VCDPA only applies to data controllers (a) conducting business in Virginia or producing products or services that are targeted to Virginians, and (b) that control or process personal data of at least:
A federal court in Michigan recently ruled that out-of-state residents have standing to sue under the Michigan Personal Privacy Protection Act (PPPA). In Lin v. Crain Communications,.
In March, Virginia swiftly passed the Consumer Data Protection Act. According to an investigation by
An investigation conducted by nonprofit news organization
The Markup found that Virginia’s case is not unique. Of the 20 proposed state privacy bills currently being considered across the country, at least 14 of them were built upon the same industry-backed framework established in Virginia. The website further believes that some of these laws might actually be weaker.
In Washington, Oklahoma, Florida and Connecticut, the appearance of tech-friendly provisions in proposed privacy legislation is directly linked to efforts by industry lobbyists. Industry pressure has already forced Texas lawmakers to pass a bill that’s even weaker than Virginia’s.
President Biden may soon announce an Executive Order that will include mandatory breach notification for software vendors that sell to the federal government. Todayâs columnist, Ilia Kolochenko of ImmuniWeb, outlines the history of privacy and notification laws and prospects for a national breach law in the U.S. WorldEconomicForumCreativeCommonsCC BY-NC-SA 2.0
Three years ago, the European Union (EU) overhauled its 1995 data protection directive with the enforcement of the General Data Protection Regulation (GDPR). Perhaps somewhat unintendedly, GDPR created a novel privacy philosophy and culture.
The EUâs high privacy standard possibly inspired the California Privacy Right Act (CPRA) and many other national laws around the globe, including recent updates of the Personal Data Protection Act (PDPA) in Singapore and the upcoming modernization of privacy laws in Canada and Switzerland. Gradually more countries perceive GDPR as a north star for individual privacy rights, dat
To print this article, all you need is to be registered or login on Mondaq.com.
Throughout the month of March, states continued to introduce new
privacy laws of their own as Congress focused on enacting President
Biden s $1.9 trillion COVID-19 relief plan H.R. 1319, the American Rescue Plan Act of
2021 which President Biden signed into law on March 11.
The last month notably featured several key developments in
California, as the state announced the establishment of the
five-member inaugural board for the California Privacy Protection
Agency (CPPA), a new administrative agency created by the
California Privacy Rights Act (CPRA) and charged with implementing