Virginia is the latest state to shape the US privacy landscape, as its Consumer Data Protection Act (CDPA) is set to pass. The bill aims to increase the protection of consumers’ data and notably aims to establish new definitions for terms including precise geolocation data, profiling, targeted advertising, and the sale of personal data. 

Check out the video: USA State Privacy Bill Developments: What You Need To Know 

At present there are two versions of the bill, one in each chamber. The bill introduced in the Senate has passed the Senate and is waiting to be passed in the House, with another having passed the House and waiting Senate approval. Once any differences in the bills are reconciled, the bill will be re-enrolled and examined before being sent to the governor to be signed into law. The governor’s signature is the final stage before the bill becomes law. The bill would enter into force January 1, 2023. 

Who Will the Virginia’s Consumer Data Protection Act Apply to?

Virginia’s Consumer Data Protection Act will apply to organizations that conduct their business in Virginia, or that produce products or services that are targeted to residents of Virginia and that meet one or more of the following requirements: 

The definition of “consumer” in the bill is narrower than the definition used in the CCPA, it only extends to natural persons acting in an individual or household context. This definition excludes any natural person acting in a commercial or employment context. There are also a range of exemptions for financial institutions, businesses governed by HIPAA, non-profit organizations, and higher education institutions. 

What Does Virginia’s Consumer Data Protection Act Look Like?

Below is an outline of some of the key aspects of Virginia’s Consumer Data Protection Act: 

Check out the video: USA State Privacy Bill Developments: What You Need To Know 

Virginia’s Consumer Data Protection Act is another key development in the US privacy landscape and poses a new set of compliance challenges for organizations. Stay up to date on the latest CDPA developments with the OneTrust DataGuidance What You Need To Know video, or request a demo to find out how OneTrust can support your privacy compliance. 

Further reading on Virginia’s Consumer Data Protection Act 

Next steps on Virginia’s Consumer Data Protection Act