Shining a Light on the Florida Digital Bill of Rights
On May 4, 2023, the Florida ‘Digital Bill of Rights’ (SB 262) cleared the state legislature and now heads to the desk of the Governor for signature. SB 262 bears many similarities to the Washington Privacy Act and its progeny (specifically the Texas Data Privacy and Security Act). However, SB 262 is unique given its […]
A New Paradigm for Consumer Health Data Privacy in Washington State
The Washington ‘My Health, My Data’ Act (MHMD or the Act) establishes a fundamentally new legal framework within U.S. law to regulate the collection, use, and transfer of consumer health data. Signed into law by Governor Inslee on April 27, MHMD was introduced by request of the Washington Attorney General in response to the Supreme […]
Tenn. Makes Nine? ‘Tennessee Information Protection Act’ Set to Become Newest Comprehensive State Privacy Law
On Friday April 21, Nashville lawmakers approved the Tennessee Information Protection Act (TIPA) following unanimous votes. Tennessee now joins Iowa, Indiana, and Montana as the four states in 2023 that have advanced baseline privacy legislation governing the collection, use, and transfer of consumer data. TIPA is closely modeled on the Virginia Consumer Data Protection Act […]
Iowa Senate Advances Comparatively Weak Consumer Privacy Bill
By Keir Lamont & Mercedes Subhani Update: On March 28, Governor Kim Reynolds signed SF 262 into law, making Iowa the 6th state to enact a baseline consumer privacy framework. Lawmakers in Iowa are considering the adoption of a new consumer privacy framework that would fall far short of comparable state privacy laws in terms of […]
Five Big Questions (and Zero Predictions) for the U.S. State Privacy Landscape in 2023
Entering 2023, the United States remains one of the only global economic powers that lacks a comprehensive, national framework governing the collection and use of consumer data throughout the economy. Congress made unprecedented progress toward enacting baseline privacy legislation in 2022. However, the apparent impasse in the efforts to move H.R. 8152, the American Data […]
The “Colorado Effect?” Status Check on Colorado’s Privacy Rulemaking
Colorado is set to formally enter a rulemaking process which may establish de facto interpretations for privacy protections across the United States. With the passage of the Colorado Privacy Act (CPA) in 2021, Colorado, along with Virginia, Utah, and Connecticut, became part of an emerging group of states adopting privacy laws that share a similar […]
FPF Addresses ‘Opt-Out Preference Signals’ in Comments on California Draft Privacy Regulations
Yesterday, the Future of Privacy Forum (FPF) filed comments with the California Privacy Protection Agency regarding the Agency’s initial set of draft regulations to implement the California Privacy Rights Act amendments to the California Consumer Privacy Act. FPF’s comments are directed towards ensuring that both individuals and businesses have clarity for the implementation and exercise […]
FPF Files Comments on Colorado Privacy Act Pre-Rulemaking Activity
Today, the Future of Privacy Forum (FPF) filed comments with the Colorado Department of Law regarding forthcoming rulemaking under the Colorado Privacy Act (CPA). The CPA, which goes into effect in July 2023, will establish important new data privacy rights, controls, and protections for individuals in Colorado. FPF’s comments are directed toward ensuring that forthcoming […]
When is a Biometric No Longer a Biometric?
In October 2021, the White House Office of Science and Technology (OSTP) published a Request for Information (RFI) regarding uses, harms, and recommendations for biometric technologies. Over 130 entities responded to the RFI, including advocacy organizations, scientists, experts in healthcare, lawyers, and technology companies. While most commenters agreed on core concepts of biometric technologies used […]
Party of Five: Connecticut Poised to Pass Fifth U.S. State Privacy Law, Improving Upon Virginia, Colorado
This week, the Connecticut legislature passed Senate Bill 6, an ‘Act Concerning Personal Data Privacy and Online Monitoring.’ If SB 6 is enacted by Governor Lamont, Connecticut will follow California, Virginia, Colorado, and Utah as the fifth U.S. state to adopt a baseline regime for the governance of personal data. The law would come into […]