(Cover photo by Aaron Burden on Unsplash)
As of this week, Indiana, Montana and Tennessee are set to become the 7th, 8th and 9th states to pass comprehensive consumer privacy laws.
Eric J. Holcomb, the Governor of Indiana, has signed the Indiana Consumer Data Protection Act into law on May 1st. Originally based on Europe's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), IAPP reports that the state regulation will be more similar to the Virginia law, as a result of a joint effort from Indiana's legislative and business communities, giving a head start for companies that are already working on compliance in the Old Dominion.
The Indiana Consumer Data Protection Act is set to go into effect 1 Jan. 2026
Montana and Tennessee, on the other hand, have both cleared state legislatures in late April, and are now awaiting for their respective governor's signature.
While the Tennessee law seems to also align with Virginia’s privacy law with business-friendly provisions, the Montana regulation is more akin to the Connecticut law. The bill was amended with changes including recognition of universal opt-out mechanisms, which State Sen. Daniel Zolnikov, R-Mont commented on:
|
"People don't want to be tracked here. This isn't like other states where the top concern is the business community. The number one concern here is 'get out of my life.' ... Here you just have to click a button and nobody will follow you." - Daniel Zolnikov (Source: IAPP) |
If enacted and signed by their governors, the Montana Consumer Data Privacy Act (MCDPA) will take effect on October 1, 2024, and the Tennessee Information Protection Act (TIPA) will take effect on July 1, 2025.
Data protection regulation continues to be a hot topic in the United States, with already 4 states set to pass laws in 2023 (Indiana, Iowa, Montana and Tennesse).
How are you getting ready to address the patchwork of US data protection laws? Head over to the LinkedIn community to discuss: