For Questions or to Enroll - Call us at (800) 948-0498
This website contains affiliate links, and we may earn a commission

This website contains affiliate links, and we may earn a commission on purchases made through these links. Any commissions earned help support our work in providing valuable content. Please note that LifeLock is not responsible for the content or claims made on this website. We strive for accuracy, but all opinions and recommendations are our own.

Back to Blog

New laws to help secure your private data

January 16, 2025
Ryan Rudd

In response to escalating concerns about data privacy, several jurisdictions have enacted new laws to enhance the protection of personal information. Here’s an overview of recent legislative developments:

United States

State-Level Legislation

In 2025, eight U.S. states have implemented comprehensive data privacy laws:

  • Delaware Personal Data Privacy Act: Effective January 1, 2025, this law grants consumers rights to access, delete, and opt out of the sale of personal information. It also imposes obligations on businesses regarding data collection and processing.
  • Iowa Consumer Data Protection Act: Also effective January 1, 2025, Iowa’s law provides consumers with rights concerning their personal data and requires businesses to implement data security measures.
  • Nebraska Data Privacy Act: Taking effect on January 1, 2025, this act outlines consumer rights and business obligations related to personal data protection.
  • New Hampshire Data Privacy Act: Effective January 1, 2025, this legislation provides consumers with rights over their personal data and sets requirements for businesses on data handling practices.
  • New Jersey Data Privacy Act: Set to take effect on January 15, 2025, this act enhances consumer rights regarding personal data and imposes stricter regulations on businesses.
  • Tennessee Information Protection Act: Effective July 1, 2025, this law introduces measures to protect consumer data and outlines business responsibilities in data processing.
  • Minnesota Consumer Data Privacy Act: Taking effect on July 31, 2025, this act grants consumers rights over their personal information and sets compliance requirements for businesses.
  • Maryland Online Data Protection Act: Effective October 1, 2025, this legislation focuses on safeguarding consumer data in online transactions and services.

These state laws generally provide consumers with rights to access, delete, and opt out of the sale of their personal information, while imposing obligations on businesses to ensure data security and transparency.

Federal Developments

The American Privacy Rights Act (APRA) was introduced in April 2024 as a comprehensive federal data privacy law. APRA aims to limit the types of data companies can collect, grant users access to their data, and allow them to opt out of data sales. However, as of January 2025, APRA has not been enacted into law.

International Developments

India

In January 2025, the Indian government released draft rules for the Digital Personal Data Protection Act, 2023. These rules propose mandatory data localization and require parental consent for social media use by individuals under 18. Public feedback on these rules is open until February 18, 2025.

China

As of January 2025, China’s state planner has announced efforts to crack down on illegal data handling, targeting black and grey markets that unlawfully obtain, sell, or provide data. New regulations aim to improve data security governance, emphasizing the need to monitor data security risks, particularly in key industries.

Implications

These legislative measures reflect a global trend toward strengthening data privacy protections. For consumers, these laws offer greater control over personal information and enhanced security. Businesses are now required to comply with a complex landscape of regulations, necessitating robust data management and security practices to ensure compliance and maintain consumer trust.