#52 – New Privacy Law for People Who Live in Connecticut, and Any Company That Serves Them


EFFECTED USERS: Everyone who lives in Connecticut, and every company that serves Connecticutians

Hair of fire 2 of 5

SUMMARY: Patchwork of state Consumer Privacy laws continues

If you are a customer in Connecticut, you should to understand this. But if you sell to people in Connecticut, you NEED to understand this.

Any company anywhere that sells in the US, also sells to Connecticut.

On July 1, 2023 a new law will go into effect for the State of Connecticut concerning privacy.

  • the right of access – which allows consumers to confirm whether or not a controller is processing their personal data, and to access such personal data, unless such confirmation or access would require the controller to reveal a trade secret;
  • the right of rectification – which allows consumers to correct inaccuracies in their personal data, taking into account the nature of the personal data and the purposes of the processing of this personal data;
  • the right of deletion – which allows consumers to delete personal data which they have previously provided;
  • the right of data portability – which allows consumers to obtain a copy of their personal data which is processed by the controller, and to obtain this data in a portable and, to the extent technically feasible, readily usable format that allows the consumer to transmit the data to another controller without hindrance, where the processing is carried out by automated means, provided that such controller shall not be required to reveal any trade secret; and
  • the right to opt out – which allows consumers to opt out of the processing of their personal data for:purposes of targeted advertising;

Keir Lamont, the senior counsel at the Future of Privacy Forum, added that Connecticut’s privacy
bill goes beyond existing state privacy laws by “directly limiting the use of facial recognition
technology, establishing default protections for adolescent data, and strengthening consumer
choice, including through requiring recognition of many global opt-out signals. Nevertheless, a
federal privacy law remains necessary to ensure that all Americans are guaranteed strong,
baseline protections for the processing of their personal information.”

Steve Gibson, Security Now Episode #869

Yes – a national program is needed.

So far, 4 states have enacted privacy legislation, according to the National Conference of State Legislators:

California, Colorado, Utah and Virginia

THERE ARE 50 STATES!! Any company has to know and all of these laws, which have similarities, but also have significant differences. National laws needed.

That’s all the time we have!

Don’t forget to check out our sponsor, and home of my day-job: SAFE Classroom, at http://www.thesafe.io

Thanks for listening

Published by

David W. Schropfer

David W. Schropfer is the CEO of SAFE (Smartphone Authentication For Everyone), a cybersecurity company in New York (www.theSafe.io).  Every day, he and his team of professionals keep the people who use The SAFE Button protected from some of the most common traps, hacks and attacks that target computer systems of all sizes. David is the author of the bestselling cybersecurity book, Digital Habits: 5 Simple Tips to Help Keep You and Your Information Safe Online. His previous books, including The Smartphone Wallet and industry whitepapers, predicted some of the biggest trends in the payments, mobile, and security industries.  Since graduating Boston College, David earned an Executive MBA from the University of Miami.