Connecticut's legislature in late April passed a new comprehensive privacy bill similar to the California Consumer Privacy Act and other state acts that will take effect next year in Colorado, Virginia, and other states. Like those bills and the EU privacy rules before them, the bill requires clear disclosures of how consumer data are used, and establishes certain individual rights vis a vis data collected.
Among the specific requirements of the Connecticut law is an opt-in consent model for the sale of data or use of it for targeted advertising, and a requirement that websites honor global privacy settings, which many websites do not currently honor.
Why It Matters
The spread of US privacy laws means that it is virtually impossible not to be subject to privacy compliance rules. Large companies are directly regulated in most instances, and they are generally required to pass on compliance duties to their suppliers via contract. This means that even small businesses not regulated directly will have compliance duties if they contract with larger customers.
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-11-19-20-09-31-066-673cf07b25126ee9da0b49bb.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-09-02-16-51-11-418-66d5ecff75128dc1466c94ac.jpg)
/Passle/5fe0c4f453548a10fc881e09/SearchServiceImages/2024-11-15-14-55-15-714-673760d3d0763092c0219f9d.jpg)