Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
New Study Shows Which States Lead in Privacy Protection Laws
General counsel who navigate the mishmash of state privacy laws may relate to a new study showing that individual U.S. states' privacy statutes are spread across a broad spectrum.
The study, conducted by Comparitech, a technology research firm and publisher based in the U.K., evaluated the states on how well they protected people's privacy through 20 basic laws. How each state stands on each of those laws is shown on the website graphic.
As might be expected, California, which has passed what is probably the toughest privacy law in the country, ranked by far as the top protector with a score of 75%, followed by Delaware with 55%. The rest of the top five states in the rankings include Utah at 45%, Illinois at 40% and Arkansas at 35%.
Paul Bischoff, the Comparitech editor who authored the report, says that this is the third year for the study, and California and Delaware have always been on or near the top. "Now California has pulled ahead even further," he says, with its California Consumer Privacy Act of 2018.
Bischoff, who is based in Indiana, also cites California's comprehensive digital privacy law, and the fact that it is the only state with a law to specifically protect data gathered from the Internet of Things. It is also the only state to mention an inalienable right to privacy in its state constitution, according to the report.
David Shonka, a partner in the Washington, DC, office of Redgrave, says the study is potentially helpful to in-house and corporate lawyers, but noted it is an area of law where the statutes are constantly changing. Shonka served three terms as the acting general counsel at the Federal Trade Commission, the federal protector of privacy, and 10 years as the agency's principal deputy general counsel before going into private practice last year.
He agrees with the study that "California is the best and most out-front state" on privacy rights.
Shonka cautions, however, that privacy laws are only as good as the state agencies implementing and enforcing them. He notes the depth and intricacies of the new California privacy act, which goes into effect in January, and says, "There could be potential practical problems in all those requirements."
Shonka says the result will depend on "how close attention the attorney general pays to what can only be described as a very difficult task."
He expressed surprise that Utah and Arkansas scored so highly in the study, but added "just having a law on the books doesn't mean a whole lot by itself."
The study scored the states based on which ones had enacted any of 20 privacy protection laws. The laws range from one that requires companies to delete personal data on demand to one requiring employers to inform employees if they're monitoring emails or Internet access.
Bischoff says one thing the study did not take into account is court precedent.
"Just because there is no law on the books for a particular protection doesn't necessarily mean that a state doesn't have the protection," he explains. "There might be case law."
Other findings in the study include:
- Wyoming, which has passed only one of the 20 privacy laws examined in the study, scored as the worst U.S. state for privacy protection.
- Maine is the only state that prohibits tracking a person's location using GPS.
- Illinois is the only one with a law specifically to protect biometric data.
- Utah is one of two states that bar internet service providers from sharing customer data with third parties without consent.
- New Hampshire's Kilton Public Library, in the town of West Lebanon, offers users access to Tor, a web browser that enables the user to operate online anonymously, despite the U.S. Department of Homeland Security urging the state to stop it.
*****
Sue Reisinger is a Senior Reporter at ALM. Based in Florida, she covers general counsel and white collar crime. She can be reached at [email protected].
This premium content is locked for Entertainment Law & Finance subscribers only
ENJOY UNLIMITED ACCESS TO THE SINGLE SOURCE OF OBJECTIVE LEGAL ANALYSIS, PRACTICAL INSIGHTS, AND NEWS IN ENTERTAINMENT LAW.
- Stay current on the latest information, rulings, regulations, and trends
- Includes practical, must-have information on copyrights, royalties, AI, and more
- Tap into expert guidance from top entertainment lawyers and experts
Already a have an account? Sign In Now Log In Now
For enterprise-wide or corporate acess, please contact Customer Service at [email protected] or 877-256-2473
'Huguenot LLC v. Megalith Capital Group Fund I, L.P.': A Tutorial On Contract Liability for Real Estate Purchasers
In June 2024, the First Department decided Huguenot LLC v. Megalith Capital Group Fund I, L.P., which resolved a question of liability for a group of condominium apartment buyers and in so doing, touched on a wide range of issues about how contracts can obligate purchasers of real property.
Strategy vs. Tactics: Two Sides of a Difficult Coin
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
CoStar Wins Injunction for Breach-of-Contract Damages In CRE Database Access Lawsuit
Latham & Watkins helped the largest U.S. commercial real estate research company prevail in a breach-of-contract dispute in District of Columbia federal court.
The Article 8 Opt In
The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.