Many of our clients have been speaking with us to get a better understanding of their responsibilities under existing privacy laws and regulations. This blog has been developed to help organizations understand their responsibilities under the four state privacy legislations currently enacted in the United States.
Privacy laws have been developing rapidly over the past several years both globally and nationally. California passed the first comprehensive state privacy bill in 2018 with the California Consumer Privacy Act (CCPA). Since then, many state-level privacy laws have been developed and introduced. So far, California has passed and signed a more stringent law in the California Privacy Rights Act (CPRA); Virginia has passed and signed the Consumer Data Protection Act (CDPA); and Colorado has passed the Colorado Privacy Act (CPA).
The table below illustrates the requirements and scope of these laws while showing where they overlap and when they will take effect.