Tennessee Gov. Bill Lee on May 11 signed into law House Bill 1181, making Tennessee the eighth state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, Iowa, and Indiana. The law will take effect July 1, 2024.
Posts tagged as “Privacy”
Indiana Gov. Eric Holcomb on May 1 signed into law Senate Bill 5, making Indiana the seventh state to enact a comprehensive consumer data privacy law, following California, Virginia, Colorado, Utah, Connecticut, and Iowa. The law will take effect Jan. 1, 2026.
The Texas House of Representatives on April 4 voted unanimously in favor of Texas House Bill 4, the Texas Data Privacy and Security Act. The Texas legislature remains in session through May 29, so there is ample time for the legislation to continue its course.
The Illinois Supreme Court recently held that a separate claim accrues under the Illinois Biometric Information Privacy Act each time a private entity scans or transmits an individual’s biometric identifier or other protected information in violation of section 15(b) or (d) of BIPA.
The upward trend in data privacy legislation continued in 2022. According to the National Conference of State Legislatures, “[a]t least 35 states and the District of Columbia in 2022 introduced or considered almost 200 consumer privacy bills,” which is a significant increase from 160 bills in 2021.
In a pair of recent enforcement actions, the Federal Trade Commission cracked down on companies with allegedly lax data security measures that resulted in the theft of personal information of millions of consumers.
On Oct. 25, 2022, the Director of the Consumer Financial Protection Bureau (CFPB), Rohit Chopra, announced at a fintech conference that the CFPB “will launch the process to activate a dormant authority under Section 1033 of the Consumer Financial Protection Act . . . [to] provide for personal financial data rights for Americans . . .”
On Sept. 27, Michigan Sen. Rosemary Bayer and eight fellow Democrat cosponsors introduced Senate Bill 1182, which would create the Michigan Personal Data Privacy Act. The Michigan Legislature remains in session through the end of the year.
Insufficient data protection or information security can violate the prohibition against unfair acts or practices according to a circular released last week by the federal Consumer Financial Protection Bureau.
On Aug. 11, 2022, the Federal Trade Commission issued an Advance Notice of Proposed Rulemaking seeking input that will shape potential rules “to crack down on harmful commercial surveillance and lax data security.”
Determining whether your business engages in activities that can trigger coverage is discussed by the Federal Trade Commission in just released guidance entitled “FTC Safeguards Rule: What Your Business Needs to Know.” The Rule applies to many businesses beyond the scope of what are commonly understood to be “financial institutions” and has implications for service providers to covered entities.
On May 10, Gov. Ned Lamont signed into law Substitute Senate Bill 6 (Public Act 22-15), Connecticut’s version of comprehensive consumer data privacy legislation. This makes Connecticut the fifth state to enact such legislation, following California, Virginia, Colorado, and Utah. The Act will go into effect July 1, 2023.