Select Page

On this week of Serious Privacy, Paul Breitbarth and K Royal discuss the potential new law for Colorado, the Colorado Privacy Act, SB21-190. On June 8, it was passed by the House, meaning it is now ready for the governor’s signature. If it passes, it will be the third state omnibus privacy law in the US, with Virginia having passed the Consumer Data Protection Act (CDPA) earlier this year and of course, the California Consumer Privacy Act (CCPA).

In this episode, we cover elements such as government practices, individual rights, the extensive opt outs, and key definitions. For example, one topic is centered on how in Colorado bills can become law by “letting it ride” after 30 days – and why Colorado has 30 days for the governor to sign. This contrasts with the federal provision of the pocket veto.

Join us as we discuss the specifics of the potential Colorado Privacy Act, its penalties, and its comparisons to the CCPA, Virginia CDPA, and the GDPR. More detail on the Colorado Privacy Act can be found on TrustArc’s website, where we provide extensive detail in a series of four blogs –

If you did not catch yesterday’s webinar on the SCCs and EU activities, please feel free to watch it – hot off the presses with both Paul and K. This week’s episode can be heard on our website or streamed below.