U.S. State Privacy Laws Insights
Stay on top of significant updates to U.S. State Consumer Privacy Laws with our Data, Cyber + Privacy team’s client alerts, news, and webinars. Continue to check back regularly, as our team will present a series of webinars about key aspects of state consumer privacy laws to assist companies as they work toward be in compliance.
Featured Webinar
Bite-Sized Compliance: Who Needs a Cookie Banner and Why?
In this webinar, MoFo partner Purvi G. Patel and of counsel Mary Race discussed recent regulatory and wiretapping litigation trends concerning internet technologies like cookies, pixels, session replay, and other JavaScript-based tools.
Featured Insights
Client AlertA MoFo Privacy Minute: Neural Data Added to Montana’s Genetic Information Privacy Act
How does Montana’s amendment to its Genetic Information Privacy Act (“GIPA”) regulate neurotechnology data, and what obligations might my business face compared to the amendments that were passed in Colorado and California?
Client AlertA MoFo Privacy Minute Q&A: Amendments to Texas’s “Mini-TCPA”
:Amendments to Texas’s “Mini-TCPA” take effect on September 1, 2025. How will these changes impact my business’s telemarketing activities?
Client AlertThe New York Child Data Protection Act: What Businesses Need to Know About the Empire State’s New Teen Privacy Law
New York’s Child Data Protection Act (NYCDPA) has gone into effect, introducing sweeping new requirements for businesses that collect personal data from minors under 18. While New York has not yet joined the ranks of the nearly two dozen states that have enacted a general consumer privacy law, the NYCDPA serves the purpose of “protect[ing] the privacy of children and young adults by restricting digital services from collecting or using the personal data of users under the age of 18 without consent.”
ArticleNew York Tightens the Breach Clock: 30 Days to Notify
Melissa Crespo and Reiley Porter wrote this article for Corporate Compliance Insights about recent amendments to New York's data breach notification law, which imposed a 30-day notification requirement and expanded the definition of protected information to include medical and health insurance data.
Client AlertFederal Court Enjoins California Teen Privacy Law . . . Again
In a significant blow to state efforts to regulate online privacy for minors, constitutional challenges continue to prevail in federal courts.
Client AlertMore States Propose Privacy Laws Safeguarding Neural Data
Neural data privacy has continued to be a hot topic in 2025, with more states turning their focus to neural data privacy in their new legislative sessions.
Blog PostUtah’s New App Store Age Verification Law: What S.B. 142 Means for Kids, Parents, and Tech
A groundbreaking law in Utah is poised to shake up how minors access apps. Earlier this month, Utah’s state legislature passed S.B. 142 (App Store Accountability Act), which requires major app store providers to verify users’ ages and secure parental consent for anyone under 18 before an app download.
Client Alerts
U.S. State Consumer Privacy Law client alerts:
- Texas Privacy Enforcement Marches On (11 Mar 2025)
- COPPA Rule Updates Are Here (for Now): What Businesses Need to Know About New Children’s Privacy Requirements (04 Feb 2025)
- A MoFo Privacy Minute: New York Data Breach Notification (14 Mar 2025)
- A MoFo Privacy Minute Q&A: Upcoming January 2025 US State Consumer Privacy Laws (23 Dec 2024)
- 2024 Year in Review: Navigating California’s Landmark Deepfake Legislation (11 Dec 2024)
- MoFo Privacy Minue Q&A: Massachusetts’ High Court Rejects Wiretap Claims Over Online Tracking (05 Dec 2024)
- Texas Privacy Enforcement Heats Up (12 Nov 2024)
- Uptick in Florida Telephone Solicitation Act Litigation and Ways to Mitigate Risk (11 Nov 2024)
- A MoFo Privacy Minute Q&A: California Revises CCPA to Cover Neural Data, 11 Oct 2024
- A MoFo Privacy Minute Q&A: New York’s Court Officers Get Privacy Rights Under New Judicial Security Act, 06 Aug 2024
- A MoFo Privacy Minute Q&A: New NY State Employee Social Media Monitoring Restrictions, 25 Mar 2024
- Connecticut AG Issues First Enforcement Report of the CT Data Privacy Act, 13 Mar 2024
- A MoFo Privacy Minute Q&A: CPPA Can Now Enforce Amended CCPA Regulations, 22 Feb 2024
- Privacy + Data Security Predictions for 2024, December 11, 2023
- Keeping Pace with Changes to the CPPA’s Draft Regulations on Cybersecurity Audits, Risk Assessments, and Automated Decision-Making Technology, December 5, 2023
- Mixed News: Florida and Maryland Telemarketing Developments, June 6, 2023
- Across the Finish Line: Final Rules and Regulations Issued under the Colorado and California Privacy Laws, April 18, 2023
- Understanding the Virginia Consumer Data Protection Act (VCDPA), March 30, 2023
- CPRA Regulations Sent to OAL: MoFo Surveyed How They Came Out on the Open Issues, February 8, 2023
- Privacy Litigation 2022 Year in Review: CCPA Litigation & Enforcement, February 1, 2023
- Privacy + Data Security Predictions for 2023, December 7, 2022
- Exempt No More: What Does the CPRA Mean for HR Department? November 28, 2022
- What Personal Information Access Rights Will California Employees Have Under the California Privacy Rights Act Starting January 1, 2023? November 18, 2022
- A MoFo Privacy Minute Q&A: California Employers: Get Ready for Requests from California Employees, September 9, 2022
- A MoFo Privacy Minute Q&A: What All Online Businesses Need To Know About The California Attorney General’s $1.2 Million Settlement with Sephora for “Sale” of Personal Information to Ad Tech and Web Analytics Providers, September 1, 2022
- A MoFo Privacy Minute Q&A: California Privacy Protection Agency’s CPRA Rulemaking Process Is Underway – What Should Businesses Care About? July 22, 2022
- A MoFo Privacy Minute Q&A: What PI Access Rights Will California Employees Have Under CPRA Starting January 1, 2023? July 18, 2022
- Another State Imposes Prior Consent Obligations for Telemarketing Calls - Along with a Private Right of Action, June 7, 2022
- Challenges Ahead: Proposed CPRA Regulations Would Dramatically Expand Compliance Obligations, June 6, 2022
- Connecticut Becomes the Fifth State to Enact A Comprehensive Consumer Privacy Law (the “CTDPA”), Following The Rest Of The Alphabet (CCPA, CPRA, VCDPA, CPA and UCPA), May 19, 2022
- California AG Issues First CCPA Opinion: Consumers’ “Right to Know” Includes Businesses’ Internally Generated Inferences, March 22, 2022
- And Then There Were Four? Utah on the Verge of Enacting Consumer Privacy Law, March 14, 2022
- How May I Help You? Responding to Consumer Privacy Requests Under New U.S. State Laws, March 2, 2022
- California AG Issues Notices of Violations: Will We Soon Have Guidance on Loyalty Programs Under the CCPA? February 1, 2022
- Privacy Litigation 2021 Year in Review: CCPA Litigation, January 18, 2022
- Privacy + Data Security Predictions for 2022, December 8, 2021
- How Can We Opt-Out? Let Me Count the Ways: Businesses Must Honor the Global Privacy Control as a Valid CCPA Opt-Out of Sale Request, July 19, 2021
- TCPA-Like Florida Law Takes Effect, July 6, 2021
- Colorado Consumer Privacy Bill Passes, Heads to Governor’s Desk, June 25, 2021
- A MoFo Privacy Minute Q&A: Preparing for the CPRA and VCDPA, May 18, 2021
- Setting the Stage: Virginia Leads in Consumer Privacy Laws, April 21, 2021
- Virginia's Consumer Data Protection Act: What Changes Does it Require, and How Does it Compare to CPRA, 23 March, 2021
- Additional CCPA Regulations Finalized, March 17, 2021
- Financial Institutions Exempt from New Virginia Privacy Law, March 2, 2021
Webinars
Webinars centered around various aspects of the recent U.S. State Consumer Privacy Laws, their differences, the operational challenges they present, and practical steps companies can take to approach them:
- State Privacy Law Round-Up: What’s in Store For 2024 (and Beyond), Jan 30, 2024
- Get Your Steps In By July 1st: Actionable Steps for Businesses Under the New Privacy Rules and Regulations in Colorado and California, May 11 2023
- State Privacy Law Round-Up: What’s in Store For 2024 (and Beyond), January 24, 2023
- Get Your Steps In By July 1st: Actionable Steps for Businesses Under the New Privacy Rules and Regulations in Colorado and California, May 11, 2023
- Your HR Data Is Covered—by the New Privacy Law in California, March 21, 2023
- Exempt No More: What Does the CPRA Mean for Your HR Data? June 16, 2022
- How May I Help You? Responding to Consumer Privacy Requests Under New U.S. State Laws March 2, 2022
- Take Notice: Exploring the Impacts of new U.S. State Laws on Companies' Privacy Disclosures, November 12, 2021
- At Your Service: How the New CA, CO, and VA Privacy Laws Impact Service Providers and the Businesses That Engage Them, September 22, 2021
- Getting Ahead: Practical Steps to Consider Now for CPRA 2023, April 7, 2021
- Virginia's Consumer Data Protection Act: What Changes Does it Require, and How Does it Compare to CPRA, March 23, 2021
- Cracking the CCPA Code Video Series, September 2019
News
Stay on top of significant U.S. State Consumer Privacy law developments with news from our Data, Cyber + Privacy team:
- Key HR Data Rights and Restrictions Under the CPRA, August 18, 2022
- 2 State Cybersecurity, Data Privacy Laws Enacted, July 13, 2021
- Privacy Right of Action Proving Problematic for State Privacy Laws (subscription based), May 5, 2021
- MoFo’s CPRA Placemat, December 2020
Continue to check back regularly, as our keeps you updated about key aspects of U.S. State Consumer Privacy laws.