DE Insights Take 2: Ryan K. M. Taylor on Data Privacy

Data Privacy & Cybersecurity Practice Group Leader Ryan Taylor discusses newly enacted and impending privacy laws and how you can proactively protect your business by complying with them.


In our most recent DE Insight article on data privacy, we highlighted California’s Age-Appropriate Design Act and its effect on businesses that market products and services to children. While the ACT doesn’t go into effect until July 2024, companies need to take the time to really assess if and how it might apply to their businesses now.

The effort of proper due diligence could save you time and money in the future, because the upfront cost of administrative compliance will probably be less than the cost of penalties and fines or settling violations. And in many ways, that’s how data privacy laws work in general. Paying attention to the details now will help you understand the implications of these laws before they become a matter of enforcement by regulators. This is especially important in the current landscape of new data privacy laws.

In addition to U.S federal laws like HIPAA, GLBA, and COPPA, several U.S states have passed data privacy laws that are already in effect now or will be this year. Those states include Colorado, California, Connecticut, Utah, and Virginia. On top of this complex mesh, many other states are introducing legislation past their own data privacy laws.

If you don’t have a good understanding of how you use data, things can get confusing quickly. That’s the value of having legal counsel to help you understand the intricacies of the law that impact your business. “Get ready and stay ready” is the name of the game in data privacy.