In the coming months, more states will be able to to initiate investigations into and penalize companies that violate state consumer privacy laws as mandatory cure periods expire. Five states—Delaware, Minnesota, Montana, New Hampshire, and Oregon—will sunset their mandatory cure provision, with varying expiration dates between Oct. 1, 2025, and Jan. 31, 2026, according to Bloomberg Law’s State Comprehensive Privacy Laws vs. GDPR Chart Builder.
Many states initially included a cure period (typically 30, 60, or 90 days) in their privacy laws as a way to encourage proactive compliance. Their aim was to give businesses time to understand new requirements ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.