On July 13, Ohio Lt. Gov. Jon Husted announced the introduction of the Ohio Personal Privacy Act. The law applies to organizations doing business in Ohio or whose products or services target consumers in the state. Businesses with annual gross revenue exceeding $25 million, or process personal data of 100,000 or more Ohio consumers, or derive 50% of gross annual revenue from the sale of personal data would be covered. Like other laws, it offers some consumer rights, including correction, deletion and portability, as well as an opt-out right for the sale of personal data. Most notably, the OPPA includes a carve-out for businesses that reasonably conform with the U.S. National Institution of Standards and Technology’s Privacy Framework. IAPP Editorial Director Jedidiah Bracy, CIPP, recently caught up with Husted to discuss the bill, the NIST provision and what the OPPA could mean for the future of privacy law at the state, federal and international levels.
13 Aug. 2021
Ohio Lt. Governor Jon Husted discusses the state's privacy bill
Related stories
A view from Brussels: Will the EU pause the AI Act?
Notes from the Asia-Pacific region: India's digital landscape marches ahead
Navigate 2025: Rise of AI brings novel litigation, copyright issues
Navigate 2025: How individuals' feelings inform AI governance practices
There's no opting-out of universal opt-outs
This article is eligible for Continuing Professional Education credits. Please self-submit according to CPE policy guidelines.