United States of America: Consumer Data Protection Act (SB 1023) failed to pass Virginia House

On 18 February 2025, the Consumer Data Protection Act failed to pass the Virginia House, as it remained in the House Committee on Communications, Technology, and Innovation without further action. The Act seeks to amend S 59.1-578 of the Code of Virginia, expanding data controller responsibilities under the Consumer Data Protection Act, specifically prohibiting data controllers from selling or offering for sale precise geolocation data concerning consumers. The Act outlines obligations for data controllers to enhance transparency, safeguard personal data, and ensure compliance with both state and federal privacy laws, including the federal Children's Online Privacy Protection Act for the processing of children's data.