From JDSupra, Sharon Klein, Alex Nisenbaum, and Karen Shin discuss recent privacy and cybersecurity developments. Sharon, Alex and Karen write:
STATE AND LOCAL LAWS AND REGULATION –
Virginia Consumer Data Protection Act Work Group Issues Final Report –
The Virginia Consumer Data Protection Act Work Group (“Work Group”) released its final report. The Virginia Consumer Data Protection Act (“VCDPA”) requires the chair of the Virginia Joint Commission on Technology and Science to set up the Work Group to review the provisions of the VCDPA and discuss issues relating to its implementation. Points of emphasis and recommendations cited by the Work Group in its final report include submitting a budget amendment to fund a small staff to lead VCDPA enforcement on day one of enactment, allowing the state attorney general to pursue actual damages based on consumer harm, authorizing consumers to submit opt-out requests via a global opt-out setting, sunsetting the “right to cure” provisions, amending the right to delete under the VCDPA to be a right to opt out of sale to restrict further dissemination of personal data, and directing a Virginia state agency to promulgate VCDPA-related regulations. The Work Group’s recommendations will be presented to the Virginia legislature in its upcoming session and could influence potential amendments to the VCDPA ahead of its January 1, 2023, effective date.
Originally published in the February–March 2022 edition of Pratt’s Privacy & Cybersecurity Law Report (Vol. 8, No. 2).
Please see full publication below for more information.