Conclusions

There’s no way around it, navigating the current patchwork of state-level privacy laws can feel incredibly messy. Just when you think your data privacy program is compliant across the board, you may discover a new regulation or area of enforcement in a particular state.

But more and more state laws are starting to crop up, as evidenced by the three-month span between May and August 2023 during which five state-level laws were passed. It’s therefore important to exercise due diligence to address any areas within a given law that differ from the overwhelming majority. Getting a handle on them now will put you ahead of the curve once state-level laws become the rule instead of the exception.

Both 2022 and 2023 were bumper years for state privacy laws. Expect this trend to continue in 2024—active bills remain in states including New Jersey, Massachusetts, and North Carolina, and other states like New York have been trying to pass a privacy law for years.

By reading this, you’re already one step ahead. You understand how privacy law is changing business practices across the US, and you’re in a position to leverage this opportunity. 

Take control of your organization’s data collection practices, put automated privacy processes in place where you can, and aim for full transparency with your customers. Getting these fundamentals right will help you thrive in this new privacy-focused landscape.