Best Practices, CPRA, Laws & Regulations, Privacy Trends

January 2023 Privacy Legislation: The States to Watch

States are ramping up in the new year with more proposed legislation in the absence of movement on federal law. In the coming months, the Colorado Privacy Act and Connecticut Personal Data Privacy and Online Monitoring Act will go into effect on July 1st, the Utah Consumer Privacy Act hits on December 31st, and other states want to join the fray.

Here are the states looking to join California and Virginia with privacy laws in 2023:

  • Indiana
    • Senate Bill 5 is in the Senate and mirrors VCDPA.
  • Iowa
    • House Bill 12 was introduced this month and sent to the Economic Growth and Technology Committee.
  • Kentucky
    • Senate Bill 15 was introduced this month and referred to the Committee on Economic Development, Tourism and Labor.
  • Maryland
    • House Bill 33, a biometric privacy bill, has been reintroduced after stalling in the Senate last year.
  • Mississippi
    • House Bill 467 was introduced this month and has been referred to the Judiciary Committee.
  • Oklahoma
    • House Bill 1030 was introduced and is awaiting the opening of the Oklahoma legislature next month.
  • Oregon
    • Senate Bill 619 is with the Senate president, awaiting referral.
    • Senate Bill 196m, the Oregon Age-Appropriate Design Code, was introduced.
  • Tennessee
    • Senate Bill 73 was introduced this month and is awaiting committee appointments.

How Will Newly Proposed Privacy Laws Affect You

Of those listed above, Indiana and Oregon are proposing the most comprehensive laws. If Indiana and Oregon can pass, that will greatly affect companies that haven’t fallen under other comprehensive laws like CCPA, CPRA, or VCDPA, but for those who are already on the compliance journey, they don’t pose significant changes. However, the New York Privacy Act will introduce intricacies that organizations need to keep an eye on and furthers the new wave of potential legislation.

New York’s Proposed Privacy Law

The New York Privacy Act has unique obligations including strong consent requirements, introduces a limited private right of action and a revenue threshold. This version doesn’t include the data fiduciary but some of the conspectuses still persist in the form of managing personal data “responsibility” thus still indicating a more general duty. At this time, the proposed New York Privacy Act would have the greatest impact on US com

Author

Dan Clarke
Dan Clarke
President, Truyo
January 19, 2023

Let Truyo Be Your Guide Towards Safer AI Adoption

Connect with us today