United States of America: Introduced Georgia Computer Data Privacy Act (SB 394)
Description
Introduced Georgia Computer Data Privacy Act (SB 394)
On 26 January 2021, the Georgia Computer Data Privacy Act (SB 394) was introduced in the Georgia Senate. The Act would allow businesses to collect personal information only after having provided notice and obtained the consumer’s affirmative and explicit consent. To sell data, the companies shall allow the consumers' to opt-out and provide notice including the persons to whom data will be sold and the pro-rata value of the consumer’s personal information. Also, the Act introduces the right to data deletion and the right to be forgotten. Moreover, research activities by corporations shall only be pursued with anonymised or aggregated data. Finally, consumers would have a private right of action against any person violating the Act.
Original sourceScope
Policy Area
Data governance
Policy Instrument
Data protection regulation
Regulated Economic Activity
cross-cutting
Implementation Level
subnational
Government Branch
executive
Government Body
central government
Complete timeline of this policy change
Key regulatory dimensions
Regulated subjects
The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type
Private organisation
Economic activity
cross-cutting
Category
All
Policy change by business practice
The detailed activities within the scope of this policy or regulatory change.
personal data (all forms): data collection
Regulatory tool
User right to deletion of personal data
User notification requirement
User consent: Opt-in requirement
Private right of action
Sanctions
Civil penalty
Regulated subjects
1
personal data (all forms): sale
Regulatory tool
User right to deletion of personal data
User consent: Permit user opt-out
User notification requirement
Private right of action
Sanctions
Civil penalty
Regulated subjects
1