CYBERSECURITY & DATA PRIVACY

By Laura Clark Fey, Esq. and Maddie Level, Esq. Fey LLC

Five state comprehensive privacy laws will become fully effective in 2023. The first two, the California Consumer Privacy Rights Act, which significantly updates the current California Consumer Protection Act, and the Virginia Consumer Data Protection Act, will become fully effective on January 1, 2023. These comprehensive state privacy laws impose strict obligations on organizations that collect and use personal information of state residents’ personal information and impose significant penalties for violations. This makes it particularly important not to give compliance the cold shoulder this winter. For many entities, the patchwork quilt of U.S. data protection and privacy laws, soon to include multiple, comprehensive state privacy laws, creates a regulatory maze of obligations. We have written this article to provide a guide designed to assist readers in understanding and meeting their obligations arising from these state comprehensive data privacy laws, including: The California Privacy Rights Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Virginia Consumer Data Privacy Act, and the Utah Consumer Privacy Act.

These laws provide consumers with multiple privacy protections and rights concerning their personal information. The laws also impose a number of privacy and security obligations on organizations collecting or processing personal information.

Read the full article from DRI’s For The Defense at: https://bit.ly/3fxRysM.

Laura Clark Fey, Chair of DRI’s Cybersecurity and Data Privacy Committee and one of the first twenty-seven U.S. attorneys recognized as Privacy Law Specialists through the IAPP, leads Fey LLC, a global data privacy and information governance law firm. Maddie Level is an associate at Fey LLC. She assists the firm’s clients in navigating a broad variety of global data privacy and information governance issues.