Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.

US State Privacy
 

Resource Center / Topic Pages / US State Privacy

Image

US State Privacy

TOPIC PAGE

Navigate Page

On this topic page, you can find the IAPP’s collection of coverage, analysis and resources covering US state privacy.

Back to top

News Articles

US State Privacy

View all News Articles

Virginia Legislature passes AI bill, but unclear if governor will sign it

NEWS ARTICLE

The state of US reproductive privacy in 2025: Trends and operational considerations

NEWS ARTICLE

U.S. privacy outlook for 2025: Horror vacui

NEWS ARTICLE

Open letter: Why now is the time to act on US state AI legislation

NEWS ARTICLE

Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?

NEWS ARTICLE

Deployers and developers: Colorado’s partnership for AI governance

NEWS ARTICLE

Last-minute legislative decisions shape California’s AI, privacy regimes

NEWS ARTICLE

Colorado’s approach to universal opt-out requirements

NEWS ARTICLE

California awaits fate of legislature-approved AI safety bill

NEWS ARTICLE

How Texas strives to be US state privacy enforcement leader

NEWS ARTICLE

Rhode Island’s comprehensive privacy bill raises patchwork misalignment concerns

NEWS ARTICLE

The Vermont veto is a step backward for privacy

NEWS ARTICLE

Navigating the legal and ethical landscape of brain-computer interfaces: Insights from Colorado and Minnesota

NEWS ARTICLE

Unpacking the shift toward substantive data minimization rules in proposed legislation

NEWS ARTICLE

PRA highlights novelties in Vermont’s comprehensive privacy bill

NEWS ARTICLE

Colorado awaits fate of AI regulation bill

NEWS ARTICLE

Assessing ‘necessity’ under state health privacy laws

NEWS ARTICLE

Framework debate shows as Kentucky nears comprehensive privacy law

NEWS ARTICLE

Private-sector AI bill clears Utah Legislature

NEWS ARTICLE

A look at proposed US state private sector AI legislation

NEWS ARTICLE

Adverse event reporting and preparing for the next wave of privacy litigation

NEWS ARTICLE

State lawmaker’s take on New Hampshire comprehensive privacy bill’s impacts

NEWS ARTICLE

Nuances highlight New Jersey’s comprehensive privacy bill

NEWS ARTICLE

CPPA releases initial automated decision-making rules proposal

NEWS ARTICLE

What’s next for US state-level AI legislation

NEWS ARTICLE

California Legislature passes Delete Act regulating data brokers

NEWS ARTICLE

California privacy agency lays out vision for cybersecurity regulation

NEWS ARTICLE

Connecticut takes a first stab at regulating government use of AI

NEWS ARTICLE

Practical considerations for bias audits under NYC Local Law 144

NEWS ARTICLE

Texas latest to add comprehensive state privacy law

NEWS ARTICLE

The ranging impacts of Florida’s Digital Bill of Rights

NEWS ARTICLE

Utah drafting statewide privacy plan for state agencies

NEWS ARTICLE

Key steps for meeting US state PIA obligations

NEWS ARTICLE

State privacy dispatch: Why the floodgates opened

NEWS ARTICLE

UK and California age-appropriate design rules — Similar principles, subtle differences

NEWS ARTICLE

Montana, Tennessee comprehensive privacy bills clear legislatures

NEWS ARTICLE

Washington state on track to pass broad-based health data privacy law

NEWS ARTICLE

Indiana poised to add to US state privacy law patchwork

NEWS ARTICLE

The rise of US state-level BIPA: Illinois leads, others catching up

NEWS ARTICLE

Iowa set to finalize sixth US comprehensive state privacy law

NEWS ARTICLE

State privacy prospects bring new paradigm in 2023

NEWS ARTICLE

State privacy dispatch: How the 2023 landscape is materializing

NEWS ARTICLE

Takeaways from Ohio court ruling on ransomware and insurance exclusions

NEWS ARTICLE

2023 brings US state privacy law preparedness into focus

NEWS ARTICLE

Home stretch: Finalization of CPRA regulations draws closer

NEWS ARTICLE

New York Attorney General James on protecting consumer privacy, enforcement and possible federal legislation

NEWS ARTICLE

California Age-Appropriate Design Code final passage brings mixed reviews

NEWS ARTICLE

Michigan Attorney General Nessel on strengthening consumer protections, right to privacy

NEWS ARTICLE

Indiana Attorney General Rokita on federal, Indiana privacy regulations, cybersecurity and more

NEWS ARTICLE

Colorado attorney general details his CPA enforcement priorities at IAPP GPS22

NEWS ARTICLE

Iowa Attorney General Miller on advocating for consumer rights, policing algorithms and offering support during breaches

NEWS ARTICLE

Unpacking Washington state’s cluster of comprehensive privacy bills

NEWS ARTICLE

State attorneys general sue Google with ‘dark patterns’ claims

NEWS ARTICLE

California attorney general offers CCPA enforcement update, launches reporting tool

NEWS ARTICLE

Update by the California attorney general could be a game-changer

NEWS ARTICLE

NYC biometric law enters into force

NEWS ARTICLE

Maine passes statewide facial recognition ban

NEWS ARTICLE

Whittled Florida privacy bill moves forward

NEWS ARTICLE

House Appropriations Committee passes amended WPA

NEWS ARTICLE

House committee advances WPA with limited private right of action

NEWS ARTICLE

What the CPPA’s appointments say about enforcement priorities, strategy

NEWS ARTICLE

NYPL’s privacy leader on safeguarding patron trust, transparency

NEWS ARTICLE

California names appointees to new privacy enforcement agency

NEWS ARTICLE

What Virginia’s Consumer Data Protection Act means for your privacy program

NEWS ARTICLE

Facebook’s $650M BIPA settlement ‘a make-or-break moment’

NEWS ARTICLE

Challenge accepted: Initial Virginia CDPA reactions, considerations

NEWS ARTICLE

Proposed opt-in law voted down by North Dakota committee

NEWS ARTICLE

What is the California Privacy Protection Agency?

NEWS ARTICLE

A conversation with Nev. Attorney General Aaron Ford

NEWS ARTICLE

Privacy pros underwhelmed by Texas privacy council’s report

NEWS ARTICLE

Mass. attorney general stands up Data Privacy, Security Division

NEWS ARTICLE

NY’s SHIELD Act has taken effect — what does this mean for your business?

NEWS ARTICLE

Vermont attorney general talks regulating data brokers, protecting consumers

NEWS ARTICLE

US federal privacy preemption part 1: History of federal preemption of stricter state laws

NEWS ARTICLE

Analysis: Vermont’s data broker regulation

NEWS ARTICLE

Indiana attorney general talks black market, breaches and priorities

NEWS ARTICLE

The Truth Is Out There: Compliance and Security Are Not Enough

NEWS ARTICLE

View More

Back to top

Research Articles

US State Privacy

View all Research Articles

US Data Privacy Litigation: Litigating accountability through shareholder action

RESOURCE ARTICLE

US Data Privacy Litigation: Data brokers and judicial privacy litigation

RESOURCE ARTICLE

US Data Privacy Litigation: Biometrics and consumer health data litigation

RESOURCE ARTICLE

US Data Privacy Litigation: Security breach litigation

RESOURCE ARTICLE

Peering through the US state privacy law kaleidoscope

RESEARCH ARTICLE

US Data Privacy Litigation: Website tracking litigation

RESOURCE ARTICLE

US Data Privacy Litigation: Breach of contract and warranties litigation

RESOURCE ARTICLE

Free speech battles and age-appropriate balance: Maryland and Connecticut try again for youth safety rules

RESEARCH ARTICLE

New laws in California look to the future of privacy and AI

RESEARCH ARTICLE

Workplace privacy in US laws and policies

RESEARCH ARTICLE

US state AI governance bills: Reflecting on the 2024 cycle with a new resource

RESEARCH ARTICLE

Private Rights of Action in US Privacy Legislation

RESOURCE ARTICLE

Major trends in US cybersecurity law and policy

RESEARCH ARTICLE

Defining ‘comprehensive’: Florida, Washington and the scope of state tracking

RESEARCH ARTICLE

Biased AI systems face the music: Analyzing the FTC’s Rite Aid enforcement

RESEARCH ARTICLE

Addressing the duty of care in state privacy laws

RESEARCH ARTICLE

U.S. privacy legislation in 2023: Something old, something new?

RESEARCH ARTICLE

Indiana governor signs a comprehensive privacy act into law

RESEARCH ARTICLE

Washington’s My Health, My Data Act

RESOURCE ARTICLE

How should mobile apps prepare for California’s privacy scrutiny?

RESEARCH ARTICLE

Iowa becomes sixth US state to enact comprehensive consumer privacy legislation

RESEARCH ARTICLE

Filling the void? The 2023 state privacy laws and consumer health data

RESEARCH ARTICLE

California legislative wrap-up: CCPA amendments, children’s privacy and more

RESEARCH ARTICLE

Exceptions in new US state privacy laws leave data without security coverage

RESEARCH ARTICLE

Connecticut enacts comprehensive consumer data privacy law

RESEARCH ARTICLE

Virginia amendment process complete, text finalized, ahead of Jan. 1 effective date

RESEARCH ARTICLE

Utah becomes fourth US state to enact comprehensive consumer privacy legislation

RESEARCH ARTICLE

Status of the California Privacy Protection Agency’s work

RESEARCH ARTICLE

Colorado Privacy Act becomes law

RESEARCH ARTICLE

Opt-in vs. opt-out approaches to personal information processing

RESEARCH ARTICLE

Virginia passes the Consumer Data Protection Act

RESEARCH ARTICLE

5 Steps You Must Take to Prepare for the CCPA

WHITE PAPER

CCPA Compliance Operation: Delivering Data Access via Accounts

WHITE PAPER

The state Senate version of the Washington Privacy Act: A summary

RESEARCH ARTICLE

Top 5 Operational Impacts of CCPA: Part 5 – Penalties and enforcement mechanisms

RESEARCH ARTICLE

Top 5 Operational Impacts of the CCPA: Part 4 — Rights of erasure, objection to sale, and nondiscrimination

RESEARCH ARTICLE

Top 5 Operational Impacts of the CCPA: Part 3 – Responding to consumers’ personal information access requests

RESEARCH ARTICLE

Top 5 Operational Impacts of the CCPA: Part 2 – Transparency and notice obligations

RESEARCH ARTICLE

Top 5 Operational Impacts of the CCPA: Part 1 — Determining if you’re a business collecting or selling consumers’ personal information

RESEARCH ARTICLE

View More

Back to top

Tools and Trackers

US State Privacy

View all Tools and Trackers

Enacted Federal Statutes with PRA

TOOL

California Rulemaking Process Overview

TOOL

BIPA Legislation Introduced in 2021

TOOL

U.S. State Data Breach Lists

TOOL

State Data Breach Notification Chart

CHART

CCPA Enforcement Infographic

INFOGRAPHIC

The Top 10 Most Impactful Provisions of the CPRA

INFOGRAPHIC

What is “selling” under the California Consumer Privacy Act?

INFOGRAPHIC

CCPA Transparency Chart

CHART

View More

Back to top

Podcasts, Videos, Web Conferences

US State Privacy

View all: Podcasts, Videos, Web Conferences

2024 in US state privacy law: A retrospective with Keir Lamont and David Stauss

PODCAST EPISODE

What does the Colorado AI Act mean for AI governance and policymaking?

VIDEO

My Health, My Data, My Class Action Lawsuit — Mitigating Healthcare Privacy Risk

WEB CONFERENCE

The sweeping scope of Washington’s My Health, My Data Act

VIDEO

State AGs and Privacy in 2023: What Your Business Needs to Know

WEB CONFERENCE

All things ‘California Privacy Law’ with Lothar Determann

PODCAST EPISODE

US state privacy laws: What you need to know

VIDEO

Ohio Lt. Governor Jon Husted discusses the state’s privacy bill

PODCAST EPISODE

Analyzing Virginia’s new privacy law with Odia Kagan

PODCAST EPISODE

View More

Back to top

Back to Top

Back to top