State Regulators Form Privacy Consortium

Seven state Attorneys General have partnered with the California Privacy Protection Agency (CPPA) to form the Consortium of Privacy Regulators. The goals of the bipartisan privacy consortium include facilitating discussions of privacy law developments and shared priorities, focusing on consumer protection across jurisdictions. The Consortium holds regular meetings and coordinates enforcement.

The participating AGs and CPPA members will use the Consortium of Privacy Regulators to share expertise and resources and coordinate efforts to investigate potential violations of privacy laws. The states represented in the consortium all have privacy laws that place comparable obligations on businesses and provide consumers with similar privacy rights, including the right to access, delete, and stop the sale of personal information. Commonalities in the state laws enable applications across jurisdictions and allow the consortium to work together to promote consumer privacy rights.

“We’ve seen firsthand how misuse of data can harm Californians, whether it’s information about their health, location, kids, identity, and more,” said Michael Macko, the CPPA head of enforcement. “We’re proud to collaborate with states across the country to advance consistent, streamlined enforcement of privacy protections to address real-world privacy harms. The Consortium reflects this shared commitment—now and for the future.”

“Data knows no borders — state and nationwide coordination is vital for protecting consumers’ rights, especially in our data-driven world,” said California Attorney General Bonta. “Collaborating with partners across the country provides another tool in the toolbox for my office to tackle enforcement priorities and continue safeguarding the privacy rights of Californians.”

Attorneys General from the following states are participating in the Consortium of Privacy Regulators:

• California
• Colorado
• Connecticut
• Delaware
• Indiana
• New Jersey
• Oregon

What it Means for Businesses

Through a memorandum of understanding, the formation of this consortium will lead businesses to see a more consistent approach towards enforcement and expectation surrounding compliance with the privacy laws in these states. State regulators have long discussed publicly that they will work together, and this consortium looks to formalize the approach, streamline sharing activities, and make it easier to jointly enforce their respective privacy laws against businesses in violation of these laws.

The CompliancePoint team of privacy professionals can help your organization comply with the GDPR, CCPA, and all state laws and avoid the associated risks. Contact us today at connect@compliancepoint.com to learn more about our services.