Pennsylvania Gov. Josh Shapiro recently approved Senate Bill 824, which amends Pennsylvania’s data breach notification law, 73 Pa. Stat. Ann. § 2301, et seq.
Posts published by “Eric Rosenkoetter”
Eric Rosenkoetter is a principal at Maurice Wutscher LLP, where he provides counsel to businesses and consumer financial services firms nationwide. For many years, he has focused his practice on various aspects of financial services law. As a litigation attorney, he has conducted every aspect of the litigation process, including countless depositions, motion proceedings, bench and jury trials, and appeals in various courts. In addition, he has significant experience as a compliance and transactional attorney, providing strategic, business growth, legislative, compliance and regulatory advice to national corporations and trade associations. For example, he has drafted consumer contracts and disclosures designed to state-specific statutory requirements, and developed “Best Practices” guides and state-by-state compliance grids, for national financial services companies. He also conducted research and crafted a metrics report for a national trade association with analysis designed to counter the claims of advocacy groups. Eric’s experience also includes working for a national corporation as Executive Counsel, Chief Compliance and Ethics Officer, and Director of Legislative Affairs, and as a federal lobbyist and Director of Government and Public Affairs for a national financial services trade association. In the government sector, Eric presided over approximately 6,000 state administrative hearings, served as a staff attorney for the Missouri Senate, and handled litigation in 33 counties as a regional managing attorney. Eric frequently speaks to audiences on topics relevant to the financial services industry including regulatory compliance, data privacy law and related advocacy initiatives. For more information, see https://mauricewutscher.com/attorneys/eric-rosenkoetter/
Rhode Island Senate Bill 2500, the "Rhode Island Data Transparency and Privacy Protection Act," was enacted on June 28 without Gov. Dan McKee’s signature. The Act will go into effect Jan. 1, 2026.
Minnesota Gov. Tim Walz recently signed into law HF 4757, the Minnesota Consumer Data Privacy Act, making Minnesota the 18th state to enact a comprehensive consumer data privacy law. The Act will go into effect July 31, 2025.
Maryland Gov. Wes Moore on May 9 signed into law House Bill 567/Senate Bill 541, the Maryland Online Data Privacy Act of 2024, making Maryland the 17th state to enact a comprehensive consumer data privacy law.
The Massachusetts Office of Attorney General (“AGO”) recently issued an Advisory on the development, supply, and use of artificial intelligence (“AI”). The Advisory provides guidance in the context of the Massachusetts Consumer Protection Act,[1] Anti-Discrimination Law,[2] Data Security Law,[3] and associated regulations.
Nebraska Gov. Jim Pillen on April 17 signed into law LB 1074, the Nebraska Data Privacy Act, making Nebraska the 16th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, New Jersey, New Hampshire, and Kentucky. The law will go into effect Jan. 1, 2025.
Kentucky Gov. Andy Beshear on April 4 signed into law House Bill 15, the Kentucky Consumer Data Protection Act, making Kentucky the 15th state to enact a comprehensive consumer data privacy law following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, New Jersey, and New Hampshire.
New Hampshire Gov. Chris Sununu on March 6 signed into law Senate Bill 255, making New Hampshire the 14th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, and New Jersey. The law will go into effect Jan. 1, 2025.
New Jersey Gov. Phil Murphy on Jan. 16 signed into law Senate Bill 332, making New Jersey the 13th state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, Indiana, Tennessee, Montana, Texas, Oregon and Delaware. The law will go into effect Jan. 16, 2025.
The upward trend in data privacy legislation continued in 2023. According to the National Conference of State Legislatures, “[a]t least 40 states and Puerto Rico introduced or considered at least 350 consumer privacy bills in 2023,” a significant increase from the 200 bills in 2022.
The Federal Trade Commission recently announced approval of an amendment to the Gramm-Leach-Bliley Act Safeguards Rule to require nonbank financial institutions to report to the FTC the unauthorized acquisition of unencrypted customer information involving at least 500 consumers (a “notification event”).
Delaware Gov. John Carney on Sept. 11 signed into law House Bill 154, the Delaware Personal Data Privacy Act. This makes Delaware the 12th state to enact a comprehensive consumer data privacy law.