Utah’s Privacy Bill
Supreme Court Justice urges colleagues to take on Section 230; U.S. government presses agencies to secure software
The Wavelength is now a subscription newsletter, so if you want access to all the content, join those who have already subscribed.
And, it bears mention that content on technology policy, politics, and law that preceded the Wavelength can be found on my blog.
The “Utah Consumer Privacy Act” (S.B.227) is reportedly on the verge of becoming the United States (U.S.) fourth state data privacy act. The bill has been passed by both chambers of the legislature and has been sent to the governor for his signature, which looks likely. Obviously, Utah is following other states in enacting data privacy laws over the last few years: California (see here and here), Virginia (see here), and Colorado (see here.) And, there are other states with privacy bills moving through their legislatures, meaning there may be an even more varied privacy landscape in the U.S.
Passage of more state privacy bills would lend heft to the argument being made in the Congress that the U.S. needs one national privacy standard. Of course, the impasse in Washington is over what that bill would look like with Republicans and Democrats disagreeing over whether people should be able to sue for violations and whether state privacy laws should be preempted. Nonetheless, the impasse could last into next year and even longer based on Congress’ track record on similar legislation (anyone remember the national data breach bill from ten years ago that never quite got enacted?) As a result, the U.S. may indeed have a patchwork of privacy laws covered entities will need to negotiate, much like all the different state data breach laws.