In an article for Infosecurity Magazine, Ali Jessani details the most notable trends from the privacy laws in California, Colorado and Virginia that are likely to influence other states.
Excerpt: It hasn’t been long since the California Consumer Privacy Act (CCPA) was the only game in town for comprehensive privacy laws in the United States. Less than two years since the CCPA went into effect, California passed a new privacy law through a ballot initiative—the California Privacy Rights and Enforcement Act (CPRA)—and has been joined by Virginia and Colorado as other states that have passed their own privacy laws. These three states are already creating a patchwork of compliance obligations for businesses and may be joined by other states in the near future.
The recently passed privacy laws in California, Colorado, and Virginia differ significantly from one another (and this topic could merit its own article). However, as other state regulators and legislatures debate passing their own privacy laws, it is worth taking a step back and assessing how the current US privacy landscape stands and how these new laws could impact future legislation. The purpose of this article is to identify similarities between these laws and analyze which aspects other states are most likely to adopt should they pass their own bills.
