Posts

Showing posts with the label RIDTPPA

How New Rhode Island Privacy Law May Impact Businesses Across U.S.

Rhode Island businesses and any company with Rhode Island customers are officially on the clock. The Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA” or “the Act”) takes effect January 1, 2026 , meaning compliance deadlines are quickly approaching . Unlike many other state privacy laws, the Act provides no right to cure violations before penalties apply. With potential fines of up to $10,000 per violation, businesses should begin compliance efforts now by reviewing data practices, updating privacy notices, and preparing consumer rights workflows before year-end. Key Definitions: Controllers and Processors The Act follows the same framework used in other state privacy laws and the European Union’s General Data Protection Regulation (GDPR) by distinguishing controllers and processors: Controller : The individual or business that decides why personal data is collected and how it will be used. For example, a retailer deciding to collect customer email addresses for mark...

Rhode Island enacts data privacy law

The Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA) outlines how businesses must protect customer data. What’s the impact? While similar in many respects to other recently enacted comprehensive privacy acts, RIDTPPA privacy notice applicability and disclosure requirements exceed those seen in other states. Businesses serving Rhode Island residents will need to evaluate their privacy practices to make necessary adjustments to comply with RIDTPPA’s opt-out and applicability requirements. On June 28, 2024, Rhode Island became the nineteenth state to enact a data privacy law, joining California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia. The law focuses on providing customers with transparency with regard to how their personally identifiable information (PII), particularly that of children, is used and shared by data controllers and processo...