Yet another state has passed its own data privacy law, with the Oklahoma Consumer Data Privacy Act signed last month and taking effect in 2027. The key particulars:
“OKDPA grants consumers a set of rights…including rights of access, deletion, correction, and portability, and rights to opt-out of targeted advertising, sale, or profiling “in furtherance of a decision that produces a legal or similarly significant effect concerning the consumer.””
As for enforcement:
“Enforcement authority rests with the Oklahoma Attorney General.The bill includes a mandatory 30-day cure period, which does not sunset. The law imposes civil penalties of up to $7,500 per violation.”
As of now, between 19 and 22 states have privacy laws, depending upon how you count.
- Some aren’t counting Florida because of its limited scope. It only applies to companies with over $1 billion in revenue.
- Some aren’t counting Illinois because BIPA only applies to biometrics.
- Some aren’t counting Oklahoma yet because it’s so new.
But we can agree that many states have privacy laws.
For now
And if some have their way, they will all disappear, to be replaced by a single uniform federal law. However, the level of preemption of state laws is an issue of discussion. The Future of Privacy Forum has addressed preemption here.
And if you need to write about privacy, biometric or otherwise, Bredemarket can help. Click below to book a free meeting with me.
Here is a video about my services.
Bredemarket 