This year, comprehensive privacy laws are going into effect in eight states to regulate how businesses handle digital information and to give consumers more protections over their personal data.
The laws in Delaware, Iowa, Minnesota, Nebraska, New Hampshire, New Jersey and Tennessee have taken effect already this year, according to a database from the International Association of Privacy Professionals’ Westin Research Center. Maryland’s privacy law, signed by Democratic Gov. Wes Moore last year, will go into effect Oct. 1.
Privacy laws enacted in Indiana, Kentucky and Rhode Island will go into effect next year.
Several other states are considering comprehensive privacy bills during this year’s legislative sessions. They include Massachusetts, Michigan, North Carolina, Pennsylvania and Wisconsin.
When a person visits a website, applies to a job or logs into an online portal, they may be sharing their personal information. Comprehensive privacy laws can apply to a wide range of companies that participate in this kind of data collection.
These laws generally include two types of provisions — those related to consumer rights and those that establish business obligations, according to the association.
Under each of the new laws, consumers have the right to control when and how their data is collected and shared. Some of those provisions include the right to delete data from a company’s database, the ability to opt out of sharing sensitive information and the right to prohibit a company from selling their data.
The new measures also require businesses to ask consumers if they want to opt in to data collection. In some states, businesses are required to complete consumer data risk assessments and identify ways in which discrimination could take place. Some companies also may be required to limit to how consumer data is processed.
Hellbound and Down 