Nebraska Gov. Jim Pillen on April 17 signed into law LB 1074, the Nebraska Data Privacy Act, making Nebraska the 16th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, New Jersey, New Hampshire, and Kentucky. The law will go into effect Jan. 1, 2025.
Posts published in “Data Privacy and Security”
Kentucky Gov. Andy Beshear on April 4 signed into law House Bill 15, the Kentucky Consumer Data Protection Act, making Kentucky the 15th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, New Jersey, and New Hampshire.
New Hampshire Gov. Chris Sununu on March 6 signed into law Senate Bill 255, making New Hampshire the 14th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, and New Jersey. The law will go into effect Jan. 1, 2025.
New Jersey Gov. Phil Murphy on Jan. 16 signed into law Senate Bill 332, making New Jersey the 13th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon and Delaware. The law will go into effect Jan. 16, 2025.
The upward trend in data privacy legislation continued in 2023. According to the National Conference of State Legislatures, “[a]t least 40 states and Puerto Rico introduced or considered at least 350 consumer privacy bills in 2023,” a significant increase from the 200 bills in 2022.
The Federal Trade Commission recently announced approval of an amendment to the Gramm-Leach-Bliley Act Safeguards Rule to require nonbank financial institutions to report to the FTC the unauthorized acquisition of unencrypted customer information involving at least 500 consumers (a “notification event”).
Delaware Gov. John Carney on Sept. 11 signed into law House Bill 154, the Delaware Personal Data Privacy Act. This makes Delaware the 12th state to enact a comprehensive consumer data privacy law.
The U.S. Court of Appeals for the Seventh Circuit recently affirmed a trial court’s dismissal of a purported data leak class action alleging unauthorized disclosure of driver’s license numbers.
The Illinois Supreme Court, after receiving a certified question from the U.S. Court of Appeals for the Seventh Circuit, recently held that a separate claim accrues under the Illinois Biometric Information Privacy Act each time a private entity improperly scans or transmits an individual’s biometric identifier or information.
Oregon Gov. Tina Kotek has signed into law Senate Bill 619, making Oregon the 11th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, and Texas. The Act will go into effect July 1, 2024.
Nevada installment loan companies are subject to significant new data security requirements as specified in Nevada Senate Bill 355, which was approved by Gov. Joe Lombardo in June and goes into effect Oct. 1, 2023.
Texas Gov. Greg Abbott on June 18 signed into law House Bill 4, the Texas Data Privacy and Security Act. This makes Texas the 10th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, and Montana.