Washington – As state legislatures return they are introducing a range of privacy measures, building on previous efforts during the 2021-2022 biennium. During that period, more than 80 bills were introduced in over 30 states ranging from comprehensive consumer data privacy packages to proposals more narrowly focused on biometric or health data.
The Computer & Communications Industry Association released its summary of the previous legislative session and predictions for the year ahead for state privacy legislation. 2023 marks an important landmark as five state laws – Colorado, Connecticut, Utah, and Virginia, and revisions to California Privacy Protection Act – become effective. Virginia and Connecticut may further amend their recently enacted privacy laws, while many other states are poised to follow suit and enact their own legislative proposals.
CCIA has advocated for comprehensive federal privacy legislation and supported baseline privacy measures for 25 years.
The following can be attributed to CCIA State Policy Director Khara Boender:
“While we understand the urge for state legislators to address data privacy concerns, Congress should enact baseline privacy legislation to provide consumers with consistent data protections and companies with uniform compliance standards and better legal certainty. Patchwork privacy protections are especially difficult for smaller businesses that may have smaller legal compliance teams and may struggle to comply with variable local and state regulations. We are monitoring and engaging in state efforts to ensure that the good intentions of legislation are not undermined by unintended consequences, such as creating subjective compliance standards or requirements for companies to gather more data, particularly for children.”