KMK Law Cybersecurity & Privacy Blog

The Colorado Privacy Act (the “CPA”) was signed into law on July 8, 2021 by Governor Jared Polis, only 6 months after Virginia enacted its data privacy law, the Virginia Consumer Data Privacy Act (“VCDPA”).

On March 2, 2021, Virginia Governor Ralph Northam signed the Virginia Consumer Data Protection Act (the “VCDPA”) into law. The VCDPA, which will become effective January 1, 2023, creates rights and obligations related to the collection and processing of consumer personal data. While many of these rights are similar to what we have seen under the California Consumer Protection Act (“CCPA”) or Europe’s General Data Protection Regulation (“GDPR”), many rights, such as the right to appeal the denial of a consumer data request and the establishment of a 30-day cure ...

With the passing of the Utah Consumer Privacy Act and Connecticut Data Privacy Act, data privacy laws are back in the focus of business owners across America. Five states now have comprehensive data privacy protection for consumers—California, Virginia, Colorado, Utah, and Connecticut.

As we ring in the New Year, privacy professionals are collectively holding their breath: January 1, 2020 marked the effective date of the California Consumer Privacy Act, also known as the CCPA.

Every month, we see a new set of privacy best practices or a new set of regulations proposed or adopted by a state, Congress, the White House, or countries around the globe. The versions of best practices continue to multiply and the layers of regulation continue to expand. Every new group or political entity wants to out-perform the last – but has this one-upmanship gone too far?

September 2018 was a busy month for data privacy. We expect the next several months to be extremely active as well, especially with the number of new complaints and data breach notices filed in Europe since May. We will continue to monitor and update developments as the data privacy framework continues to evolve.