U.S. Privacy and Data Protection | Insights | Dec. 2024 (State Law)

2024 was an ever-growing year for data privacy and security legislation, marking significant growth on both a federal and state level, with no signs of slowing down. To put your business in a good position, it is important to review data protection practices and anticipate privacy legislation that will be rolling out in the new year.

Here is an overview of some upcoming state regulations in 2025, including compliance requirements for businesses and when they go into effect. These new laws are in addition to existing comprehensive data privacy laws, including in California, Colorado, Connecticut, Utah, Virginia, Texas, Montana, Nevada, and Oregon, and laws in specific areas such as for biometric, health, financial, credit, minor/children, large social media, wiretap/recording, employment, and artificial intelligence (AI) issues.

State Privacy Laws Effective in January 2025:

Delaware Personal Privacy Data Act (DPDPA), effective January 1, 2025

Provides e.g., the right to opt out of the sale of data and to opt in for sensitive data processing.

Iowa Consumer Data Protection Act (Iowa CDPA), effective January 1, 2025

Provides e.g., the right to opt out of the sale of data and to opt out for sensitive data processing.

Nebraska Data Privacy Act (NDPA), effective January 2025

Provides e.g., the right to opt out of the sale of data and to opt in for sensitive data processing.

New Hampshire Data Privacy Act (NHPA), effective January 1, 2025

Provides e.g., the right to opt out of the sale of data and to opt in for sensitive data processing.

New Jersey Data Privacy Act (NJDPA), effective January 15, 2025

Provides e.g., the right to opt out of the sale of data and to opt in for sensitive data processing.

There are other state privacy laws with effective dates later in 2025 and in 2026, including in Tennessee, Minnesota, Maryland, Indiana, Kentucky, and Rhode Island.

This evolving landscape emphasizes the need for businesses to remain compliant with varying state law, including as they adapt to prioritize consumers’ rights and protections. Failure to stay up to date with these regulations can lead to potential fines and legal action. Kronenberger Rosenfeld, LLP regularly advises clients regarding advertising and privacy compliance. Contact our firm using our online case submission form here.