Blog
New State Privacy Laws in Virginia and Colorado
In the absence of federal privacy legislation and in response to growing public concern over businesses’ use of personal data here in the U.S., more states are filling the void that exists in the area of consumer privacy protection. Earlier this year, Virginia passed the Virginia Consumer Data Protection Act (CDPA), and more recently, Colorado introduced the Colorado Privacy Act (CPA) on July 7th, 2021. Both of these laws will take effect in 2023.
In addition, privacy legislation is currently under consideration in Washington, New York and Minnesota. For companies who do business throughout the U.S., the onerous compliance obligations presented by this patchwork of privacy laws might best be managed by complying with the most restrictive requirements across the board, rather than trying to implement and manage state-by-state requirements.
Side-by-Side Comparison
This chart summarizes and compares the privacy laws in California, Virginia and Colorado. These summaries are meant to highlight the main requirements of these laws, and are not comprehensive. Companies should work with their lawyers to create a compliance program that best suits their needs.
If your business is impacted by Virginia’s CDPA, Colorado’s CPA, or both, it is important to review your privacy policies and practices and prepare for compliance by 2023. We are happy to help.
This publication should not be construed as legal advice or a legal opinion on any specific facts or circumstances nor an offer to represent you. It is not intended to create, and receipt does not constitute, an attorney-client relationship. The contents are intended for general informational purposes only, and you are urged to consult your attorney concerning any particular situation and any specific legal questions you may have. Pursuant to applicable rules of professional conduct, portions of this publication may constitute Attorney Advertising.