Despite the national and global events that took center stage in 2021, the upward trend in data privacy legislation at the state level continued and with the addition of the amendments to the Safeguards Rule, 2022 brings new compliance challenges for many businesses and financial institutions.
Posts published by “Eric Rosenkoetter”
Eric Rosenkoetter is a principal at Maurice Wutscher LLP, and is focused on advising clients with respect to federal and state consumer financial protection laws and data privacy and security, and he is a Certified Information Privacy Professional though the International Association of Privacy Professionals. He also brings to the table experience as a litigator, chief compliance and ethics officer, director of legislative affairs, federal lobbyist, and administrative hearings officer. Eric earned his Juris Doctor from Washington University School of Law, and his Bachelor of Business Administration from Southern Methodist University. He is a member of the International Association of Privacy Professionals, the Receivables Management Association International (RMAI), and ACA International. He is admitted to practice law in Texas and Missouri and in the U.S. District Courts for the Northern, Southern, Eastern, and Western Districts of Texas. For more information, see https://mauricewutscher.com/attorneys/eric-rosenkoetter/
On Oct. 8, S.737A was signed into New York law, “requiring debt collectors to inform debtors that written communications are available in large print format.” The legislation becomes effective Nov. 7, 2021.
The Consumer Financial Protection Bureau (CFPB) announced on July 30, 2021, that it will be withdrawing its earlier proposal to extend the Regulation F effective date by 60 days. Thus, the original effective date of Nov. 30, 2021, will remain.
On July 6, Colorado Gov. Jared Polis signed into law Senate Bill 21-190, the Colorado Privacy Act. This makes Colorado the third state, behind California and Virginia, to enact comprehensive consumer data privacy legislation. The act becomes effective July 1, 2023.
On April 7, the Consumer Financial Protection Bureau (CFPB) issued a Proposed Rule that would postpone the effective date of the Debt Collection Final Rules, Part 1 and Part 2, by 60 days, from Nov. 30, 2021, to Jan. 29, 2022.
On March 19, Sen. Robert Rodriguez (D), Chair of the Business, Labor & Technology Committee, and Sen. Paul Lundeen (R), Minority Whip, introduced Senate Bill 21-190 that would create the Colorado Privacy Act.
On March 15, the California Office of the Attorney General announced that additional regulations relating to the California Consumer Privacy Act (CCPA) had been approved, effective immediately.
On Feb. 21, Alabama Rep. Craig Lipscomb introduced House Bill 216 which would create the Alabama Consumer Privacy Act. The legislation is similar to the California Consumer Privacy Act but has far broader application.
On March 15, West Virginia Delegate Danny Hamrick, joined by 10 other Republicans, introduced House Bill 3159 which is consumer data privacy legislation similar to the California Consumer Privacy Act (CCPA), though arguably less business friendly.
On March 2, Virginia Gov. Ralph Northam signed into law the Virginia Consumer Data Protection Act. House Bill 2307 was introduced Jan. 20, 2021, and a substitute was passed in the House just nine days later. Its companion, Senate Bill 1392, followed a similar trajectory and on Feb. 19, each chamber concurred in the other’s substitute. The Act will become effective Jan. 1, 2023.
On Jan. 11 Washington State Sen. Reuven Carlyle introduced SB 5062, the Washington Privacy Act (WPA). Its predecessors, SB 6281 and SB 5376, failed to pass in 2020 and 2019, respectively.
On the heels of the EU’s General Data Protection Regulation (GDPR) going into effect in 2018, and passage of the California Consumer Privacy Act of 2018 (CCPA), 2019 proved to be a banner year for introduction of state consumer data privacy legislation.












