Connecticut Attorney General Issues Violations on Use of Consumer Data

 The Connecticut Data Privacy Act (CDPA) became effective on July 1, 2023.  The CDPA applies to business that control or process the data of at least 100,000 Connecticut residents per year, or 25,000 residents per year, if more than 25 percent of their gross revenue comes from selling personal data. 

The Attorney General (AG) has since release a report which outlines how the state has been enforcing this law.  To date, the AG's office has issued violation notices to business related to the collection and use of the consumer data and provided violators a 60-day cure period (the ability to correct the violation).

At this time, the Compliance Department states this law does not apply to our company or the entities for which they are responsible for.  Should this decision change, we will update via the Compliance Digest.

 

Source: JD Supra, received on 02.13.2024.