4 minute read | July.08.2021
On July 7, the Colorado governor signed SB 21-190 to create the Colorado Privacy Act (CPA) and establish a framework for personal data privacy rights. Colorado now joins Virginia and California as the third state in the nation to enact comprehensive consumer privacy laws. In 2018, California became the first state to put in place significant consumer data privacy measures under the California Consumer Privacy Act (covered by an Orrick Special Alert), and earlier this year in March, Virginia enacted the Consumer Data Protection Act (covered by InfoBytes here).
Highlights of the CPA include:
The CPA takes effect July 1, 2023, with certain opt-out provisions taking effect July 1, 2024.
If you have any questions regarding the Colorado Privacy Act, please visit our Cyber, Privacy & Data Innovation practice page or contact an Orrick attorney with whom you have worked in the past.