Data and user privacy under GDPR
US State Privacy Laws
States are increasingly enacting laws to protect consumer privacy. The California Consumer Privacy Act (CCPA) was passed in 2018 and came into effect in 2020. This law was later amended by the California Privacy Rights Act (CPRA) on January 1, 2023. Since then, four other states (Virginia, Colorado, Connecticut, and Utah) have implemented comprehensive consumer privacy laws that will be in effect during 2023, and more states are considering similar legislation. These laws are collectively referred to as “State Privacy Laws” and they give residents of these states greater control over their personal information. If your website is accessible to residents of these states or if you handle personal information from those states, these laws may apply to your business.
Other Data Privacy Laws
Data privacy laws vary by country and region, but many have been implemented to protect the personal information of individuals. Apart from GDPR and several United States laws there are other countries with similar laws. There is the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, the Lei Geral de Proteção de Dados Pessoais (LGPD) in Brazil, the Act on the Protection of Personal Information, also known as the APPI in Japan, the Personal Data Protection Act (PDPA) which is a data protection law in Thailand and many others.