11 States Pass Privacy Laws – Here is the Criteria for including their unique rules in your policy

Arkansas – social media companies must use a third-party vendor to perform reasonable age verification before allowing access to their platforms. This verification could include requiring a digital copy of a driver’s license, government ID or other “commercially reasonable” method.

California – Has annual gross revenues in excess of twenty-five million dollars ($25,000,000) OR annually buys, receives, sells or shares personal information of 50,000 or mor consumers anywhere.

Colorado – Conducting business in Colorado targeting 100,000 residents OR derives revenue from the sale of personal data of 25,000 or more consumers (anywhere)

Connecticut – Conducting business in Connecticut targeting100,000 residents OR derives revenue from the sale of personal data of 25,000 or more consumers (anywhere)

Illinois – Any collection of Biometric Identifiers

Indiana – Conducting business in Indiana targeting100,000 residents OR derives revenue from the sale of personal data of 25,000 or more consumers (anywhere)

Iowa – Conducting business in Iowa targeting100,000 residents OR derives revenue from the sale of personal data of 25,000 or more consumers (anywhere)

Nevada – Conducts business in Nevada

Ohio – 200 or more sales or transactions or gross sales of $5,000.00 or more

Montana – Conducting business in Montana targeting 50,000 residents OR derives revenue from the sale of personal data of 25,000 or more consumers (anywhere)

Tennessee – Conducting business in Tennessee and has annual gross revenues in excess of twenty-fie million dollars ($25,00,0000.00) AND processes the personal information of 25000 consumers and derives more than 50% of gross revenue for the sale of personal information or process personal information of at least 175000 consumers per year.

COVID-19 Consumer Protection Act

COVID-19 Consumer Protection Act of the 2021 Consolidated Appropriations Act

For the duration of the COVID-19 public health emergency declared pursuant to section 319 of the Public Health Service Act (42 U.S.C. 247d), this Act makes it unlawful under Section 5 of the Federal Trade Commission Act for any person, partnership, or corporation to engage in a deceptive act or practice in or affecting commerce associated with the treatment, cure, prevention, mitigation, or diagnosis of COVID–19 or a government benefit related to COVID–19. The Act provides that such a violation shall be treated as a violation of a rule defining an unfair or deceptive act or practice prescribed under Sec. 18(a)(1)(B) of the FTC Act.