![Photo of David Stauss [Former Attorney]](https://lexblogplatform.com/wp-content/uploads/sites/631/userphoto/7147-1572288796.jpg)
This 18 minute on-demand webinar provides an overview of the Utah Consumer Privacy Act (UCPA). The UCPA passed the Utah legislature on March 3, 2022. Subject to the Governor’s approval, Utah will become the fourth state to enact consumer privacy legislation, following in the footsteps of California, Colorado, and Virginia.
The webinar provides an analysis
Keypoint: This week the Utah legislature passed the Utah Consumer Privacy Act, the Florida House passed HB 9, there was activity with bills in Connecticut, Nebraska and Washington, and Virginia lawmakers have now passed four VCDPA amendment bills.
Below is our eighth weekly update on the status of proposed state privacy legislation in 2022. Before we get to our update, we wanted to provide two reminders.
First, we regularly update our 2022 State Privacy Law Tracker to keep pace with the latest developments with CCPA-like privacy bills. We encourage you to bookmark the page for easy reference.
Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.
Keypoint: Organizations subject to these laws will need to determine whether they are engaging in “sales,” which can be a complex and multifaceted analysis given the statutes’ varying definitions and exemptions.
This is the fifth post in our ten-part weekly series comparing key provisions of the California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), and Virginia Consumer Data Protection Act (VCDPA). With the operative dates of these laws drawing near, we are exploring important distinctions between them. If you are not already subscribed to our blog, consider subscribing now to stay updated.
In this article, we analyze how each of these laws treat “sales” of personal information/data. The CPRA, CPA, and VCDPA all give consumers the right to opt-out of the sale of their personal information/data by businesses/controllers. Whether organizations need to provide this right is obviously dependent on whether they are selling personal data. That analysis, however, is complicated by the fact that the laws define “sale” differently and contain different exemptions. Reconciling the definitions and exemptions will be an important step for any organization complying with these laws.
In the below article, we analyze these issues by first comparing the definitions of sale under the three laws and then analyzing the various exemptions.
Keypoint: Utah is on the cusp of becoming the fourth state to pass consumer privacy legislation while Florida’s bill is now through one chamber.
There were two significant developments in state privacy law on March 2 with the Utah Senate passing SB 227 and the Florida House passing HB 9. Below are updates on both of the bills.
Keypoint: This week the Utah Senate and Wisconsin Assembly passed bills, the Florida House Judiciary Committee advanced HB9, new bills were introduced in Connecticut and Kentucky, and Virginia lawmakers passed a VCDPA amendment.
Below is our seventh weekly update on the status of proposed state privacy legislation in 2022. Before we get to our update, we wanted to provide two reminders.
First, we regularly update our 2022 State Privacy Law Tracker to keep pace with the latest developments with CCPA-like privacy bills. We encourage you to bookmark the page for easy reference.
Second, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.
As first reported by the IAPP’s Joe Duball, the Wisconsin Assembly voted 59-37 to pass AB 957. The bill is similar, but not identical, to the Virginia Consumer Data Protection Act (VCDPA).
Wisconsin is the second state (after Indiana) to pass a consumer privacy bill out of a chamber during the 2022 legislative
Keypoint: California legislators introduced eight bills to amend or supplement the CPRA, including AB2891 that seeks to extend the employee and business-to-business exemptions, and AB2871 that seeks to make those exemptions indefinite.
Last week, California lawmakers proposed eight bills to amend or supplement the California Privacy Rights Act (CPRA).
AB2871 and AB2891, both filed by Assembly Member Low on February 18, 2022, would extend the employee and business-to-business exemptions either indefinitely (AB2871) or until January 1, 2026 (AB2891). Both exemptions are currently set to sunset on January 1, 2023. The filing of these bills was first reported by Jennifer Ruehr. Whether either of these bills has a chance at passing remains to be seen.
Keypoint: This week Indiana’s bill continued to advance in the House (after previously passing the Senate), lawmakers voted bills out of committee in Iowa and Oklahoma, and new bills were introduced in Maine, Utah and Wisconsin.
Below is our sixth weekly update on the status of proposed state privacy legislation in 2022. Before we get to our update, we wanted to provide three reminders.
First, on February 23, 2022, we will be hosting a webinar to analyze the proposed CCPA-like privacy bills. For more information, and to register, click here.
Second, we regularly update our 2022 State Privacy Law Tracker to keep pace with the latest developments with CCPA-like privacy bills. We encourage you to bookmark the page for easy reference.
Finally, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.
Keypoint: The CPRA requires that businesses use certain types of sensitive personal information only for limited purposes, otherwise they must notify consumers of the additional purposes and provide consumers the opportunity to opt-out of such processing, while the VCDPA and CPA require controllers to obtain consumer consent and conduct data processing assessments prior to processing sensitive data.
This is the fourth article in our ten-part weekly series comparing key provision of the California Privacy Rights Act (CPRA), Colorado Privacy Act (CPA), and Virginia Consumer Data Protection Act (VCDPA). With the operative dates of these laws drawing near, we are exploring important distinctions between them. If you are not already subscribed to our blog, consider subscribing now to stay updated.
In this article, we examine how the three laws treat sensitive personal information. The CPRA has a broad definition of sensitive personal information although, to be subject to the law’s limitations, a business must collect or process that information for the “purpose of inferring characteristics about a consumer.” If so, the CPRA grants consumers the right to limit a business’s processing of such data to certain purposes specified in the law. Conversely, the VCDPA and CPA define sensitive data differently than the CPRA and require controllers to obtain consumer consent and conduct a data processing assessment prior to processing such information.
Below is an analysis of this topic.
Keypoint: This week new bills were introduced in Arizona, Iowa, Rhode Island, and Wisconsin, bills were voted out of committee in Florida, New York, and Ohio, and there was more movement on the VCDPA amendment bills.
Below is our fifth weekly update on the status of proposed state privacy legislation in 2022. Before we get to our update, we wanted to provide three reminders.
First, on February 23, 2022, we will be hosting a webinar to analyze the proposed CCPA-like privacy bills. For more information, and to register, click here.
Second, we regularly update our 2022 State Privacy Law Tracker to keep pace with the latest developments with CCPA-like privacy bills. We encourage you to bookmark the page for easy reference.
Finally, the contents provided below are time-sensitive and subject to change. If you are not already subscribed to our blog, consider doing so to stay updated. If you are interested in tracking developments between blog posts, consider following on LinkedIn and/or Twitter.