Friday, April 30, 2021
In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will update the remaining state laws in progress.
New Laws
Virginia
The Virginia Consumer Data Protection Act (“CDPA”) was signed into law on March 2, 2021, making Virginia the second US state after California to pass a comprehensive data privacy law. Those familiar with the European Union General Data Protection Regulation (“GDPR”) will recognize terminology throughout the CDPA, mimicking many GDPR-defined terms, such as “controller”, “processor” and “personal data.” While not quite as expansive as the GDPR in every respect, the CDPA is a broad-based privacy law that is on par with the California Consumer Privacy Act (“CCPA”). For our summary of the CDPA, please see our overview of the Virginia
Legal Disclaimer
You are responsible for reading, understanding and agreeing to the National Law Review s (NLR’s) and the National Law Forum LLC s Terms of Use and Privacy Policy before using the National Law Review website. The National Law Review is a free to use, no-log in database of legal and business articles. The content and links on www.NatLawReview.com are intended for general information purposes only. Any legal analysis, legislative updates or other content and links should not be construed as legal or professional advice or a substitute for such advice. No attorney-client or confidential relationship is formed by the transmission of information between you and the National Law Review website or any of the law firms, attorneys or other professionals or organizations who include content on the National Law Review website. If you require legal or professional advice, kindly contact an attorney or other suitable professional advisor.
Introduction
Consistent with a growing national trend, Virginia joined
California in recently passing consumer privacy legislation with
broad national reach. Both the Virginia Consumer Data Protection
Act (Virginia CDPA) and the California Privacy Rights Act (CPRA)
take effect on Jan. 1, 2023, following closely behind the recently
passed and enacted California Consumer Privacy Act (CCPA), which
went into effect in January 2020. Kramer Levin developed the
following checklist to help businesses better understand:
Whether these laws apply to your business
What consumer rights they create
How to respond to consumers exercising these rights
The best practices to streamline and ensure business
compliance
For companies that have already implemented the CCPA, the good
To print this article, all you need is to be registered or login on Mondaq.com.
Virginia has joined California as the second state to enact a
comprehensive data privacy law. On March 2, 2021, Virginia Governor
Ralph Northam signed the Virginia Consumer Data Protection
Act (VCDPA) into law. The VCDPA does not go into effect
until January 1, 2023, but the broad privacy mandate will have an
immediate impact on compliance efforts for many Virginia
businesses.
The law includes elements similar to those found in the California Consumer Privacy Act (CCPA)
and the newly enacted California Privacy Rights Act (CPRA),
such as provisions granting Virginia residents the right to access,
The Virginia legislature, which adjourned its annual legislative session last week, passed the second state-level consumer data privacy law in the nation.