Similar to the well-known California Consumer Privacy Act, on July 1, 2024, the Colorado Privacy Act (CPA) goes into effect and will provide Colorado residents with express rights over their data collected by businesses. The CPA requires businesses to provide consumers with an option to opt-out of the sale of their personal information or sharing
Colorado
Controversial ‘Keyword Search’ Warrant Leads to Arrests in Murder Case
This week, the Colorado Supreme Court upheld a criminal conviction which relied in part on evidence obtained pursuant to a warrant for Google search data. People v. Seymour, 2023 CO 53 (Oct. 16, 2023) (available at http://www.courts.state.co.us).
In investigating the cause of a 2020 apparent arson fire at a Denver residence which resulted…
CPRA Enforcement Postponed to March 2024
This week, the California Superior Court ruled that the California Privacy Protection Agency (CPPA) cannot begin enforcement of the California Privacy Rights Act (CPRA) until March 2024. The ruling stems from a lawsuit filed by the California Chamber of Commerce which argued that state businesses would not have enough time to prepare for the upcoming…
Colorado AG Updates Draft Rules for Colorado Privacy Act
Colorado Attorney General Phil Weiser’s office recently published an updated version of the draft rules governing the Colorado Privacy Act, which goes into effect on July 1, 2023. The updates build upon the original draft rules published on October 10, 2022, and are based on input received by the AG’s office through December 2, 2022.…
Cyber-Attack Disrupts Public Services in Fremont County, Colorado
Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity event affecting our county computer systems.”
As of the official update issued August 24, 2022, “all of the county’s buildings remain closed. This includes administration and public health buildings.”
The update reveals how difficult it…
Colorado Law Restricts Use of Facial Recognition Technology by Government Agencies
Ramping up its continued focus on data privacy, on June 8, 2022, Colorado Governor Jared Polis signed into law legislation aimed to limit the use of facial recognition technology by government agencies and state institutions of higher education.
The legislation, SB 113, requires an agency – defined as “an agency of the state government…
Connecticut’s Privacy Law Signed by Governor
Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive federal privacy legislation. Connecticut follows in the steps of Nevada, California, Virginia, Colorado and Utah in enacting its…
Utah Consumer Privacy Act Newest State Privacy Act Signed into Law
The newest state data privacy law, the Utah Consumer Privacy Act (the Act), was signed into law by Utah Governor Spencer J. Cox on March 24, 2022. This makes Utah the fifth state to pass its own privacy law instead of waiting for the federal government to enact a nationwide federal law.
There are other…
Data Minimization: What Is It and Why Practice It?
The European Union’s General Data Protection Regulation (GDPR) first launched the concept of data minimization, which states that a data controller should limit the collection of personal information to what is directly relevant and necessary to accomplish a specified purpose. This seems like a simple concept: an entity should only collect personal information that is…
New State Privacy Laws Impose Higher Restrictions on Processing Sensitive Personal Data
With the passage of the Colorado Privacy Act, Colorado joins Virginia and California as early adopters of state-level privacy legislation. These laws impose higher restrictions on companies processing specific sensitive categories of data that reveal information such as sexual orientation and ethnic origin. However, the law remains unclear on what constitutes “revealing” information. For example,…