Connecticut Governor Ned Lamont has signed into law Public Act 22-15, which provides consumers with greater ability to safeguard their personal data that is collected by online companies.
The law also requires companies to lessen the amount of data they collect and only use that data for the purposes they are collecting it for, therefore having less data breaches and identity theft.
In addition, it requires consumers under the age of 16 to provide consent to data collection.
Companies will be prohibited from discriminating against consumers who choose to exercise these rights.
The law takes effect July 1, 2023, except for a provision related to a task force, which is effective immediately.
Connecticut becomes the fifth state to enact this kind of law protecting data privacy, following similar ones recently enacted in California, Colorado, Utah and Virginia.
Lamont said that while he prefers that Congress enact a similar data privacy standard at the federal level, he is hopeful that this growing number of states adopting these protections will result in companies defaulting to these standards nationwide.
“Digital commerce is now a way of life for nearly all of us, and every time we stream a television show or movie online, every time we go for a walk while wearing a fitness tracking device, and every time we purchase something from our favorite website, our actions are being logged and frequently sold and shared with others,” Lamont said.
“Consumers have a right to know what information of theirs is being collected, have the ability to correct any false data that is collected, and have the right to delete that data if they don’t want it collected. I am glad that Connecticut has joined this growing coalition of states taking action to protect consumers’ privacy. Its time has come.”
Connecticut’s law was approved in the state Senate by a vote of 35 to 0 and in the House by a vote of 144 to 5.
Interested in Data Privacy?
Get automatic alerts for this topic.