Multiple U.S. states roll out new data privacy laws

2025 began with a bang in terms of data privacy, as new laws took effect in Delaware, Iowa, Nebraska, New Hampshire, and New Jersey. While each law presents the specific state’s outlook on data privacy, this regulation as a whole demonstrates the momentum of privacy legislation across the U.S. and beyond. The specifics vary, but the general trend continues to follow in the footsteps of data privacy pioneering legislation, such as CCPA, GDPR, and CDPA, among others. 

‍

Standard features include requiring companies to disclose their data collection practices through detailed and transparent policies, establishing users’ rights to access, delete, and correct their data, and, in some cases, to opt out of targeted advertising. These laws apply to businesses that meet specific thresholds, typically based on revenue or the number of consumers. Some thresholds are relatively low, making new regulations applicable even for smaller businesses. 

‍

Companies must stay up-to-date on recent and emerging regulations and adopt a proactive approach to comply with various state requirements.

‍