Comprehensive Privacy Law

Subscribe to Comprehensive Privacy Law via RSS

Oregon’s Privacy Law: Six Month Update, With Six Months to End of Cure Period

By Liisa Thomas & Kathryn Smith on March 26, 2025

Posted in Comprehensive Privacy Law, Oregon Privacy, Rights Requests, US Privacy

Oregon’s Attorney General released a new report this month, summarizing the outcomes since Oregon’s “comprehensive” privacy law took effect six months ago. A six-month report isn’t new: Connecticut released a six month report in February of last year to assess how consumers and businesses were responding to its privacy law.Continue Reading Oregon’s Privacy Law: Six Month Update, With Six Months to End of Cure Period

The Comprehensive Privacy Law Deluge: Impact on Loyalty Programs

By Liisa Thomas, Julia Kadish & Kathryn Smith on October 2, 2023

Posted in California Privacy, Colorado Privacy, Comprehensive Privacy Law, Consumer Privacy, Florida Privacy, US Privacy

Among the various requirements under US state comprehensive privacy laws, those that relate to loyalty programs may be some of the most confusing. Only three states — California, Colorado and Florida — regulate these programs. How they do this varies, and the level of detail contained in the laws also varies. In California and Florida, the laws’ impact on loyalty programs is in how they define “financial incentives.” These are times when a company “pays” a consumer for their personal information. This might occur with a straight cash payment. More common though, is optimized pricing or providing a higher quality of services in exchange for getting personal information. For those who offer loyalty programs, depending on how they are operated, they may viewed as be financial incentives under these laws. Colorado’s comprehensive privacy law, on the other hand, imposes obligations on companies that operate “bona fide loyalty programs.” These are defined as programs where information is processed solely to provide the program’s benefits. Benefits must be -like in California- better pricing or quality of services.Continue Reading The Comprehensive Privacy Law Deluge: Impact on Loyalty Programs

The “First State” Officially Becomes the Thirteenth State with a Comprehensive Data Privacy Law

By Liisa Thomas, Julia Kadish & Kathryn Smith on September 13, 2023

Posted in Comprehensive Privacy Law, Delaware Privacy, US Privacy

After some delay, Delaware’s governor has at last signed into law the thirteenth state comprehensive privacy law. This is the seventh law passed in 2023, joining Iowa, Indiana, Tennessee, Montana, Florida, and Oregon. The law takes effect on January 1, 2025. The bill was passed by Delaware’s congress at the end of June and was sent to the governor’s office for signature on June 30, 2023. He did not sign it, though, until this week.Continue Reading The “First State” Officially Becomes the Thirteenth State with a Comprehensive Data Privacy Law

The Comprehensive Privacy Law Deluge: Record-Keeping and Related Requirements

By Liisa Thomas & Kathryn Smith on September 11, 2023

Posted in Comprehensive Privacy Law, Consumer Privacy, Delaware Privacy, Florida Privacy, Indiana Privacy, Iowa Privacy, Montana Privacy, Oregon Privacy, Tennessee Privacy, Texas Privacy, US Privacy, Utah Privacy

It’s been a busy summer for US state privacy laws, and companies now need to keep track of a growing list of requirements from these laws. These include many we have written about in the past, including notice, vendor contract provisions, and offering consumers rights and choices. The laws also impose certain record keeping requirements, which we discuss here.Continue Reading The Comprehensive Privacy Law Deluge: Record-Keeping and Related Requirements

Eye On Privacy