CINXE.COM
The American Privacy Rights Act (APRA): What to Expect? | Osano
<!doctype html><html lang="en"><head> <meta charset="utf-8"> <title>The American Privacy Rights Act (APRA): What to Expect? | Osano</title> <link rel="shortcut icon" href="https://www.osano.com/hubfs/v2/icons/favicon/ms-icon-310x310.png"> <meta name="description" content="Explore the American Privacy Rights Act (APRA) and its potential impact on data privacy laws. Learn about key requirements, exemptions, and the likelihood of passage."> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta property="og:description" content="Explore the American Privacy Rights Act (APRA) and its potential impact on data privacy laws. Learn about key requirements, exemptions, and the likelihood of passage."> <meta property="og:title" content="The American Privacy Rights Act (APRA): What to Expect?"> <meta name="twitter:description" content="Explore the American Privacy Rights Act (APRA) and its potential impact on data privacy laws. Learn about key requirements, exemptions, and the likelihood of passage."> <meta name="twitter:title" content="The American Privacy Rights Act (APRA): What to Expect?"> <style> a.cta_button{-moz-box-sizing:content-box !important;-webkit-box-sizing:content-box !important;box-sizing:content-box !important;vertical-align:middle}.hs-breadcrumb-menu{list-style-type:none;margin:0px 0px 0px 0px;padding:0px 0px 0px 0px}.hs-breadcrumb-menu-item{float:left;padding:10px 0px 10px 10px}.hs-breadcrumb-menu-divider:before{content:'›';padding-left:10px}.hs-featured-image-link{border:0}.hs-featured-image{float:right;margin:0 0 20px 20px;max-width:50%}@media (max-width: 568px){.hs-featured-image{float:none;margin:0;width:100%;max-width:100%}}.hs-screen-reader-text{clip:rect(1px, 1px, 1px, 1px);height:1px;overflow:hidden;position:absolute !important;width:1px} </style> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/template_assets/107540355660/1728402644863/Osano/css/main.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/112224055108/1706649595039/module_112224055108_Announcement_Bar.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/111415423003/1727864669955/module_111415423003_Header.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/107873229076/1706649598011/module_107873229076_Stacked_Hero.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/template_assets/107541060353/1715363946157/Osano/css/templates/blog.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/114898789024/1727890381128/module_114898789024_Pillar_Content.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/158772322476/1709661527797/module_158772322476_Blog_Card_deck.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/112535877920/1706649593169/module_112535877920_Conversion_Panel_Update.min.css"> <link rel="stylesheet" href="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/107544076640/1706649594681/module_107544076640_Site_Footer.min.css"> <script src="https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/gsap.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.5/ScrollTrigger.min.js"></script> <link rel="canonical" href="https://www.osano.com/american-privacy-rights-act-apra"> <meta charset="UTF-8"> <meta name="referrer" content="same-origin"> <meta http-equiv="Content-Security-Policy" content="default-src data: https:; script-src 'unsafe-inline' 'unsafe-eval' https:; worker-src blob: https:; object-src 'none'; style-src data: 'unsafe-inline' https:; img-src data: https:; media-src data: https: blob:; frame-src https:; font-src data: https:; connect-src data: https:"> <meta name="referrer" content="strict-origin-when-cross-origin"> <meta name="msapplication-TileColor" content="%23ffffff"> <meta name="msapplication-TileImage" content="https://www.osano.com/hubfs/v2/icons/favicon/ms-icon-144x144.png"> <meta name="theme-color" content="%23ffffff"> <link rel="apple-touch-icon" sizes="57x57" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-57x57.png"> <link rel="apple-touch-icon" sizes="60x60" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-60x60.png"> <link rel="apple-touch-icon" sizes="72x72" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-72x72.png"> <link rel="apple-touch-icon" sizes="76x76" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-76x76.png"> <link rel="apple-touch-icon" sizes="114x114" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-114x114.png"> <link rel="apple-touch-icon" sizes="120x120" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-120x120.png"> <link rel="apple-touch-icon" sizes="144x144" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-144x144.png"> <link rel="apple-touch-icon" sizes="152x152" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-152x152.png"> <link rel="apple-touch-icon" sizes="180x180" href="https://www.osano.com/hubfs/v2/icons/favicon/apple-icon-180x180.png"> <link rel="icon" type="image/png" sizes="192x192" href="https://www.osano.com/hubfs/v2/icons/favicon/android-icon-192x192.png"> <link rel="icon" type="image/png" sizes="32x32" href="https://www.osano.com/hubfs/v2/icons/favicon/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="96x96" href="https://www.osano.com/hubfs/v2/icons/favicon/favicon-96x96.png"> <link rel="icon" type="image/png" sizes="16x16" href="https://www.osano.com/hubfs/v2/icons/favicon/favicon-16x16.png"> <link rel="manifest" href="https://www.osano.com/hubfs/v2/icons/favicon/manifest.json"> <script> window.dataLayer = window.dataLayer ||[]; function gtag(){dataLayer.push(arguments);} gtag('consent','default',{ 'ad_storage':'denied', 'analytics_storage':'denied', 'ad_user_data':'denied', 'ad_personalization':'denied', 'personalization_storage':'denied', 'functionality_storage':'granted', 'security_storage':'granted', 'wait_for_update': 500 }); gtag("set", "ads_data_redaction", true); </script> <!-- domain: www.osano.com --><link rel="preload" as="script" href="https://cmp.osano.com/2sUBzx7wRdAfu6J2kkS/8e547744-886f-4a9b-a90f-7e96a47aa604/osano.js"><script src="https://cmp.osano.com/2sUBzx7wRdAfu6J2kkS/8e547744-886f-4a9b-a90f-7e96a47aa604/osano.js"></script> <script> var consentStatus = { "ESSENTIAL": "ACCEPT", "ANALYTICS": "DENY", "MARKETING": "DENY", "PERSONALIZATION": "DENY" }; var clearedCookies = false; function clearCookies(o){ if(typeof(o) === "object" && o.ANALYTICS == "DENY" && clearedCookies === false){ var _hsp = window._hsp = window._hsp || []; _hsp.push(['revokeCookieConsent']); var _paq = window._paq = window._paq || []; _paq.push(['disableCookies']); clearedCookies = true; console.log("Cleared Cookies"); } } if(typeof(window.Osano) === "object"){ window.Osano.cm.addEventListener("osano-cm-consent-saved", function (consent) { if(typeof(consent) === "object"){ consentStatus = consent; clearCookies(consent); } }); window.Osano.cm.addEventListener("osano-cm-initialized", function (consent) { if(typeof(consent) === "object"){ consentStatus = consent; clearCookies(consent);}}); } </script> <script> window.hsSetTimeout = window.setTimeout; window.setTimeout = function(func, delay) { if(delay === 99000){ delay = 0; } return window.hsSetTimeout(function() {try {func();} catch (e) {throw e;}}, delay);}; window.hsConversationsSettings = { loadImmediately: false }; window.addEventListener('load', function () { if (window.HubSpotConversations) { onConversationsAPIReady(); } else { window.hsConversationsOnReady = [onConversationsAPIReady]; } }); function onConversationsAPIReady() { window.HubSpotConversations.widget.load(); } </script> <script type="application/ld+json">{"@context": "https://schema.org","@type": "WebSite","url": "https://www.osano.com/","potentialAction": {"@type": "SearchAction","target": "https://www.osano.com/search?term={search_term_string}","query-input": "required name=search_term_string" } }</script> <style>@media print { div#hubspot-messages-iframe-container, .osano-cm-window { display: none!important; } }</style> <style> header { animation: leadinModal-dropin 0.5s; -webkit-animation: leadinModal-dropin 0.5s; -webkit-backface-visibility: hidden; top: 0px; } div.leadinModal.leadinModal-theme-top { z-index: 96; } div.leadinModal.leadinModal-theme-top.leadinModal-hidden { display: block; } div.leadinModal.leadinModal-theme-top.leadinModal-hidden > div.leadinModal-overlay, div.leadinModal.leadinModal-theme-top.leadinModal-hidden > div.leadinModal-content { animation: none; -webkit-animation:none; -moz-animation: none; -o-animation: none; } div.leadinModal.leadinModal-theme-top.leadinModal-closing { animation: leadinModal-dropout 0.5s; -webkit-animation: leadinModal-dropout 0.5s; -webkit-backface-visibility: hidden; } @keyframes bgPulse { 0% { background: inherit; } 40% { background: #7a3ff1; } 50% { background: inherit; } 70% { background: #7a3ff1; } 80% { background: inherit; } } div.leadinModal-theme-top > div.leadinModal-content > div.leadinModal-content-wrapper { animation: bgPulse 5s infinite linear; -webkit-animation: bgPulse 5s infinite linear; } </style> <meta property="og:image" content="https://www.osano.com/hubfs/APRA%20Blog%20Hero.png"> <meta name="twitter:image" content="https://www.osano.com/hubfs/APRA%20Blog%20Hero.png"> <meta property="og:url" content="https://www.osano.com/american-privacy-rights-act-apra"> <meta name="twitter:card" content="summary"> <meta http-equiv="content-language" content="en"> <meta name="generator" content="HubSpot"></head> <body> <div class="body-wrapper hs-content-id-164900361034 hs-site-page page " data-page="american-privacy-rights-act-apra"> <div data-global-resource-path="Osano/templates/partials/header.html"> <header class="header header-main"> <div class="container"> <div class="row mx-0 align-items-center"> <a class="d-inline-flex header__logo" href="https://www.osano.com"> <img src="https://www.osano.com/hubfs/Imported%20images/Logo.svg" alt="Logo" loading="lazy" width="142" height="32" style="max-width: 100%; height: auto;"> </a> <ul class="header__top-menu-wrapper header__menu-wrapper "> <li> <a href="javascript:void(0);" class="open-sub-menu"> <span> Platform </span> <svg xmlns="http://www.w3.org/2000/svg" width="12" height="8" viewbox="0 0 12 8" fill="none"> <path d="M1 1.5L6 6.5L11 1.5" stroke="white" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </a> <div class="header__submenu-wrapper"> <div class="platform_menu"> <ul> <li class="header__submenu-header hover-arrow "> <h5 class=""> <span> The Osano Platform Overview </span> <svg xmlns="http://www.w3.org/2000/svg" width="13" height="12" viewbox="0 0 13 12" fill="none"> <path d="M1.41699 6H11.917M11.917 6L6.66699 0.75M11.917 6L6.66699 11.25" stroke="white" stroke-width="1.5" stroke-linecap="round" stroke-linejoin="round" /> </svg> </h5> <p> Get an overview of the simple, all-in-one data privacy platform </p> <a class="mask-link" href="https://www.osano.com/products"> </a> </li> <div class="platform"> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/header__icon-1.svg" alt="header__icon-1" loading="lazy" width="21" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Cookie Consent </h5> <p> Manage consent for data privacy laws in 50+ countries </p> </div> <a class="mask-link" href="https://www.osano.com/cookieconsent"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/user-square.svg" alt="user-square" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Subject Rights Management </h5> <p> Streamline and automate the DSAR workflow </p> </div> <a class="mask-link" href="https://www.osano.com/products/subject-rights"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/assessments%20primary%20200.svg" alt="assessments primary 200" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Assessments </h5> <p> Efficiently manage assessment workflows using custom or pre-built templates </p> </div> <a class="mask-link" href="https://www.osano.com/products/privacy-assessments"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/Unified%20Consent%20primary%20200.svg" alt="Unified Consent primary 200" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Unified Consent & Preference Hub </h5> <p> Streamline consent, utilize non-cookie data, and enhance customer trust </p> </div> <a class="mask-link" href="https://www.osano.com/products/unified-consent-preference-hub"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/data%20mapping%20primary%20200.svg" alt="data mapping primary 200" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Data Mapping </h5> <p> Automate and visualize data store discovery and classification </p> </div> <a class="mask-link" href="https://www.osano.com/products/data-mapping"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/shield-tick.svg" alt="shield-tick" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Vendor Privacy Risk Management </h5> <p> Ensure your customers’ data is in good hands </p> </div> <a class="mask-link" href="https://www.osano.com/products/vendor-risk"> </a> </li> </div> </ul> <ul> <li class="header__submenu-header "> <h5 class=""> <span> Features & Integrations </span> </h5> <p> Key Features & Integrations </p> </li> <div class="features"> <li class="header__submenu-list-item"> <div> <h5> Privacy Templates </h5> </div> <a class="mask-link" href="https://www.osano.com/features/privacy-templates"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> GDPR Representative </h5> </div> <a class="mask-link" href="https://www.osano.com/features/gdpr-representative"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> Consult Privacy Team </h5> </div> <a class="mask-link" href="https://www.osano.com/features/privacy-experts"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> Regulatory Guidance </h5> </div> <a class="mask-link" href="https://www.osano.com/features/regulatory-guidance"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> Integrations </h5> </div> <a class="mask-link" href="https://developers.osano.com/integrations/" target="_blank" rel="noopener"> </a> </li> </div> </ul> </div> </div> </li> <li> <a href="javascript:void(0);" class="open-sub-menu"> <span> Solutions </span> <svg xmlns="http://www.w3.org/2000/svg" width="12" height="8" viewbox="0 0 12 8" fill="none"> <path d="M1 1.5L6 6.5L11 1.5" stroke="white" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </a> <div class="header__submenu-wrapper"> <ul class=" "> <li class="header__submenu-header "> <h5 class=""> <span> By Regulation </span> </h5> </li> <li class="header__submenu-list-item"> <div> <h5> CPRA </h5> <p> Discover how Osano supports CPRA compliance </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/cpra-compliance-software"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> CCPA </h5> <p> Learn about the CCPA and how Osano can help </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/ccpa-compliance-software"> </a> </li> <li class="header__submenu-list-item"> <div> <h5> GDPR </h5> <p> Achieve compliance with one of the world’s most comprehensive data privacy laws </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/gdpr-compliance-software"> </a> </li> </ul> <ul class=" "> <li class="header__submenu-header "> <h5 class=""> <span> By Organization Type </span> </h5> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(10).svg" alt="Icon (10)" loading="lazy" width="23" height="12" style="max-width: 100%; height: auto;"> <div> <h5> Start-Up </h5> <p> Don’t let data privacy compliance get in the way of growth </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/start-up-privacy-software"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(11).svg" alt="Icon (11)" loading="lazy" width="21" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Mid-Sized </h5> <p> Preserve your competitive edge </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/mid-sized-privacy-software"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(12).svg" alt="Icon (12)" loading="lazy" width="23" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Enterprise </h5> <p> Manage data privacy at scale </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/enterprise-privacy-software"> </a> </li> </ul> <ul class=" "> <li class="header__submenu-header "> <h5 class=""> <span> By Use Case </span> </h5> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Path.svg" alt="Path" loading="lazy" width="21" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Consent Management </h5> <p> Manage consent without the complexity </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/consent-management-platform"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(14).svg" alt="Icon (14)" loading="lazy" width="21" height="22" style="max-width: 100%; height: auto;"> <div> <h5> DSAR Automation </h5> <p> Never miss a DSAR deadline again </p> </div> <a class="mask-link" href="https://www.osano.com/products/subject-rights"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(16).svg" alt="Icon (16)" loading="lazy" width="23" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Privacy Program Management </h5> <p> Build and grow an end-to-end privacy program </p> </div> <a class="mask-link" href="https://www.osano.com/solutions/privacy-program-management-software"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(15).svg" alt="Icon (15)" loading="lazy" width="19" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Vendor Risk Management </h5> <p> Regain insight and control over your customers’ data </p> </div> <a class="mask-link" href="https://www.osano.com/products/vendor-risk"> </a> </li> </ul> </div> </li> <li> <a href="javascript:void(0);" class="open-sub-menu"> <span> Resources </span> <svg xmlns="http://www.w3.org/2000/svg" width="12" height="8" viewbox="0 0 12 8" fill="none"> <path d="M1 1.5L6 6.5L11 1.5" stroke="white" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </a> <div class="header__submenu-wrapper"> <ul class=" reduced-size "> <li class="header__submenu-header "> <h5 class=""> <span> Resources </span> </h5> <p> Key resources on all things data privacy </p> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/book-open-01.svg" alt="book-open-01" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> Articles </h5> <p> Expert insights on all things privacy </p> </div> <a class="mask-link" href="https://www.osano.com/articles"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(25).svg" alt="Icon (25)" loading="lazy" width="22" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Resource Center </h5> <p> Key resources to further your data privacy education </p> </div> <a class="mask-link" href="https://www.osano.com/resources"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/hand%20a%20heart%20icon%20primary%20200.svg" alt="hand a heart icon primary 200" loading="lazy" width="23" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Customer Stories </h5> <p> Meet some of the 5,000+ leaders using Osano to transform their privacy programs </p> </div> <a class="mask-link" href="https://www.osano.com/customers"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/globe%20icon%20primary%20200.svg" alt="globe icon primary 200" loading="lazy" width="21" height="22" style="max-width: 100%; height: auto;"> <div> <h5> U.S. Data Privacy Laws </h5> <p> A guide to data privacy in the U.S. </p> </div> <a class="mask-link" href="https://www.osano.com/us-data-privacy-laws"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/code%20icon%20primary%20200.svg" alt="code icon primary 200" loading="lazy" width="22" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Product Updates </h5> <p> What's the latest from Osano? </p> </div> <a class="mask-link" href="https://www.osano.com/updates"> </a> </li> </ul> <ul class=" "> <li class="header__submenu-header "> <h5 class=""> <span> Become a Privacy Insider </span> </h5> <p> Data privacy is complex but you're not alone </p> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/marketing/assets/icons/envelope%20icon%20primary%20200.svg" alt="envelope icon primary 200" loading="lazy" width="22" height="18" style="max-width: 100%; height: auto;"> <div> <h5> The Newsletter </h5> <p> Join our weekly newsletter with over 35,000 subscribers </p> </div> <a class="mask-link" href="https://www.osano.com/newsletter"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(17).svg" alt="Icon (17)" loading="lazy" width="16" height="20" style="max-width: 100%; height: auto;"> <div> <h5> The Podcast </h5> <p> Global experts share insights and compelling personal stories about the critical importance of data privacy </p> </div> <a class="mask-link" href="https://www.osano.com/podcast"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/book-open-01.svg" alt="book-open-01" loading="lazy" width="24" height="24" style="max-width: 100%; height: auto;"> <div> <h5> The Book </h5> <p> Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program </p> </div> <a class="mask-link" href="https://www.osano.com/the-privacy-insider-book"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(30).svg" alt="Icon (30)" loading="lazy" width="23" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Events </h5> <p> Upcoming webinars and in-person events designed for privacy professionals </p> </div> <a class="mask-link" href="https://www.osano.com/events"> </a> </li> </ul> <div class="header__navigation-card header__latest-post"> <h4> Latest Blog post </h4> <div class="header__latest-post-content"> <div class="d-flex"> <img class="blog-related-posts__image" src="https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=352&name=post-summit%20blog.png" loading="lazy" width="352" alt="Two professionals discussing" srcset="https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=176&name=post-summit%20blog.png 176w, https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=352&name=post-summit%20blog.png 352w, https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=528&name=post-summit%20blog.png 528w, https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=704&name=post-summit%20blog.png 704w, https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=880&name=post-summit%20blog.png 880w, https://www.osano.com/hs-fs/hubfs/post-summit%20blog.png?width=1056&name=post-summit%20blog.png 1056w" sizes="(max-width: 352px) 100vw, 352px"> </div> <div class="header__latest-post-wrapper"> <h4> It’s Time for Privacy Pros to Make a Strategic Shift </h4> <p> The importance of effective data privacy can no longer be ignored. </p> <span class="btn-inline"> <span> Read Now </span> <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14" viewbox="0 0 14 14" fill="none"> <path d="M1.16699 6.99984H12.8337M12.8337 6.99984L7.00033 1.1665M12.8337 6.99984L7.00033 12.8332" stroke="white" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </span> </div> </div> <a class="mask-link" href="https://www.osano.com/articles/data-privacy-strategic-shift" target="_blank"></a> </div> </div> </li> <li> <a href="javascript:void(0);" class="open-sub-menu"> <span> Company </span> <svg xmlns="http://www.w3.org/2000/svg" width="12" height="8" viewbox="0 0 12 8" fill="none"> <path d="M1 1.5L6 6.5L11 1.5" stroke="white" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </a> <div class="header__submenu-wrapper"> <ul class=" "> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Vector.svg" alt="Vector" loading="lazy" width="20" height="20" style="max-width: 100%; height: auto;"> <div> <h5> About Us </h5> <p> The Osano story </p> </div> <a class="mask-link" href="https://www.osano.com/company/about"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(25).svg" alt="Icon (25)" loading="lazy" width="22" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Careers </h5> <p> Become an Osanian and help us build the future of privacy! </p> </div> <a class="mask-link" href="https://www.osano.com/company/careers"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(26).svg" alt="Icon (26)" loading="lazy" width="20" height="21" style="max-width: 100%; height: auto;"> <div> <h5> Contact </h5> <p> We’re eager to hear from you </p> </div> <a class="mask-link" href="https://www.osano.com/company/contact"> </a> </li> </ul> <ul class=" "> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/%EF%83%A3.svg" alt="" loading="lazy" width="19" height="19" style="max-width: 100%; height: auto;"> <div> <h5> Our Pledge </h5> <p> No fines, no penalties </p> </div> <a class="mask-link" href="https://www.osano.com/pledge"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(27).svg" alt="Icon (27)" loading="lazy" width="21" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Data Licensing </h5> <p> Add Osano data privacy ratings and recommendations to your application </p> </div> <a class="mask-link" href="https://www.osano.com/company/data"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(28).svg" alt="Icon (28)" loading="lazy" width="21" height="22" style="max-width: 100%; height: auto;"> <div> <h5> Osano Swag Store </h5> <p> Increase Trust. Stay Compliant. Get Cool Swag. </p> </div> <a class="mask-link" href="https://shop.osano.com" target="_blank" rel="noopener"> </a> </li> </ul> <ul class=" "> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(29).svg" alt="Icon (29)" loading="lazy" width="21" height="21" style="max-width: 100%; height: auto;"> <div> <h5> Press & Media </h5> <p> Inquiries and Osano in the news </p> </div> <a class="mask-link" href="https://www.osano.com/pr"> </a> </li> <li class="header__submenu-list-item"> <img src="https://www.osano.com/hubfs/Imported%20sitepage%20images/Icon%20(30).svg" alt="Icon (30)" loading="lazy" width="23" height="20" style="max-width: 100%; height: auto;"> <div> <h5> Partners & Resellers </h5> <p> Interested in partnering with us? </p> </div> <a class="mask-link" href="https://www.osano.com/company/partners-resellers"> </a> </li> </ul> </div> </li> <li> <a href="https://www.osano.com/plans"> <span> Pricing </span> </a> </li> <li class="header__cta-wrapper ml-auto"> <a class="inline-btn" href="https://my.osano.com/" target="_blank" rel="noopener"> <span> Sign In </span> </a> <a class="primary-btn" href="https://www.osano.com/request/demo"> <span> Book a Demo </span> </a> </li> </ul> <button class="d-xxl-none menu-btn" id="menu-btn"> <svg xmlns="http://www.w3.org/2000/svg" width="24" height="20" viewbox="0 0 24 20" fill="none"> <path d="M1.30078 1.9668H22.6341" stroke="#ffffff" stroke-width="2.41667" stroke-linecap="round"></path> <path d="M1.30078 9.96704H22.6341" stroke="#ffffff" stroke-width="2.41667" stroke-linecap="round"></path> <path d="M1.30078 17.967H22.6341" stroke="#ffffff" stroke-width="2.41667" stroke-linecap="round"></path> </svg> </button> </div> </div> </header> <div class="header-divider"></div></div> <main id="main-content" class="body-container-wrapper"> <div class="container-fluid body-container landing-page-body"> <div class="row-fluid-wrapper"> <div class="row-fluid"> <div class="span12 widget-span widget-type-cell " style="" data-widget-type="cell" data-x="0" data-w="12"> <div class="row-fluid-wrapper row-depth-1 row-number-1 dnd-section"> <div class="row-fluid "> <div class="span12 widget-span widget-type-cell dnd-column" style="" data-widget-type="cell" data-x="0" data-w="12"> <div class="row-fluid-wrapper row-depth-1 row-number-2 dnd-row"> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget dnd-module" style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_widget_1701357955384" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><section class="stacked-hero-section"> <div class="container"> <hgroup class="stacked-hero-intro-container"> <span class="eyebrow stacked-hero">U.S. Federal Privacy Law</span> <div class="heading stacked-hero"><h1>The American Privacy Rights Act (APRA): What to Expect? </h1></div> <p class="subheading stacked-hero text-xl">The U.S. is taking another swing at a federal data privacy law with the American Privacy Rights Act, or APRA. While there’s no guarantee that the APRA will become the law of the land, it’s still worthwhile to study in order to see what requirements organizations may be subject to as well as what potential future data privacy laws may resemble. Here, we’ll cover the law’s basic requirements as well as its likelihood of passage.</p> <div class="cta-container stacked-hero"> </div> </hgroup> </div> </section> <section class="stacked-hero-image-section"> <div class="stacked-hero-image-container" style="background-image:url(https://www.osano.com/hubfs/APRA%20Blog%20Hero.png)"></div> </section> </div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> <div class="row-fluid-wrapper row-depth-1 row-number-3 dnd-section"> <div class="row-fluid "> <div class="span12 widget-span widget-type-cell dnd-column" style="" data-widget-type="cell" data-x="0" data-w="12"> <div class="row-fluid-wrapper row-depth-1 row-number-4 dnd-row"> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget dnd-module" style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_widget_1701360585494" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><section class="pillar-content-section section"> <div class="pillar-content-container container"> <div class="blog-detail__sidebar"> <div class="blog-headings-nav"> <h5> In this Guide </h5> <ul class="blog-headings-list"> </ul> <div class="pillar-dropdown"> <button onclick="populatePillarDropdown()" class="dropbtn">Jump to...</button> <div id="pillarDropdown" class="pillar-dropdown-content"></div> </div> </div> <div class="pillar-sidebar-cta-container"> <p class="pillar-sidebar-cta-heading text-lg semibold-weight"> Need help complying? </p> <a href="https://www.osano.com/request/demo" class="pillar-sidebar-cta primary-btn btn-lg"> <span>Schedule a Demo</span> </a> </div> </div> <article class="pillar-content"> <h2 aria-level="2"><span data-contrast="none">What Is the American Privacy Rights Act (APRA)?</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h2> <p><span data-contrast="auto">On April 7</span><span data-contrast="auto">th</span><span data-contrast="auto">, Congress unveiled a bipartisan, bicameral comprehensive data privacy rights bill—the APRA. </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Specifically, the APRA was put forth by House Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Commerce, Science, and Transportation Chair Maria Cantwell (D-WA). In essence, the law:</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"> <div><span data-contrast="auto">Would serve as a federal comprehensive data privacy law, preempting most state laws (more on that later).</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></div> </li> <li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"> <div><span data-contrast="auto">Create privacy rights and protections for ALL Americans—not just those living in key states, participating in certain industries, or belonging to certain groups.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></div> </li> <li data-leveltext="" data-font="Symbol" data-listid="3" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"> <div><span data-contrast="auto">Establish robust enforcement mechanisms to hold violators accountable, including enforcement via the Federal Trade Commission (FTC), state attorneys general, and—notably—a private right of action for individuals.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></div> </li> </ul> <h2 aria-level="2"><span data-contrast="none">Who Does the APRA Apply To?</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h2> <p><span data-contrast="auto">Covered entities under the APRA include any entity that collects, processes, retains, or transfers personal data (or has it done for them) and who is subject to the FTC Act. So, the APRA would be quite broad; however, it does have some major exemptions.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <h2 aria-level="2"><span data-contrast="none">APRA Exemptions</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h2> <p><span data-contrast="auto">Unlike most state data privacy laws, the APRA does not apply to small businesses, which it defines as those businesses: </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="auto">With $40M or less in annual revenue;</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="auto">That collect, process, retain, or transfer the covered data of 200,000 or fewer individuals; and</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span data-contrast="auto">That do not earn revenue from transferring covered data to third parties (i.e., data brokers).</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> </ul> <p><span data-contrast="auto">In addition to small businesses, governments, entities working on behalf of governments, the National Center for Missing and Exploited Children (NCMEC), and fraud-fighting non-profits are excluded. </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">If you’re compliant with certain federal laws like the Gramm-Leach-Bliley Act and HIPAA, then congratulations; the APRA already considers you to be compliant.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Furthermore, the APRA only covers data that can be reasonably linked to an individual or device. That excludes de-identified data, employee data, publicly available information, and so on.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <h2 aria-level="2"><span data-contrast="none">Primary APRA Requirements</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h2> <p><span data-contrast="auto">Organizations will recognize that the APRA tracks the </span><a href="https://www.osano.com/articles/data-privacy-law-components"><span data-contrast="none">basic requirements of most data privacy laws</span></a><span data-contrast="auto">, but there are some notable departures. We’ll cover the major features below.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <h3 aria-level="3"><span data-contrast="none">Data Subject Rights</span><span data-ccp-props="{"134233117":false,"134233118":false,"134245418":true,"134245529":true,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h3> <p><span data-contrast="auto">For the most part, the APRA provides a set of data subject rights that maps to other U.S. privacy laws, including:</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span data-contrast="auto">The right to know what data has been collected.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span data-contrast="auto">The right to access that data.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span data-contrast="auto">The right to correct data.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span data-contrast="auto">The right to delete data.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span data-contrast="auto">The right to receive that data in a portable format.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="10" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span data-contrast="auto">The right to opt out of targeted advertising and profiling.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> </ul> <h3 aria-level="3"><span data-contrast="none">New “Large Data Holder” Category</span><span data-ccp-props="{"134233117":false,"134233118":false,"134245418":true,"134245529":true,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></h3> <p><span data-contrast="auto">Arguably the most interesting aspect of the APRA is its distinct category for “Large Data Holders.” Large Data Holders are defined as those organizations that:</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="8" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span data-contrast="auto">Have $250 million or more in annual revenue; </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="8" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="14" data-aria-level="1"><span data-contrast="auto">Collect, process, retain, or transfer the covered data of more than 5 million individuals (or 15 million portable devices or 35 million connected devices that are linkable to an individual); or </span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="8" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="15" data-aria-level="1"><span data-contrast="auto">Collect, process, retain, or transfer the sensitive data of more than 200,000 individuals (or 300,000 portable devices or 700,000 connected devices).</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> </ul> <p><span data-contrast="auto">Large Data Holders are subject to stricter requirements under the APRA, including:</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Publishing the last 10 years of their privacy policies and offering a short form of their policies.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Providing a report to the FTC on their subject rights requests processing.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto">Retaining a data privacy officer and a data security officer on staff.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="4" data-aria-level="1"><span data-contrast="auto">Filing an annual report to the FTC regarding their internal controls.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="5" data-aria-level="1"><span data-contrast="auto">Conducting privacy impact assessments at least once every two years.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="9" data-list-defn-props="{"335552541":1,"335559683":0,"335559684":-2,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="6" data-aria-level="1"><span data-contrast="auto">Conducting privacy impact assessments on their algorithms and providing both the public and the FTC with those assessments.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":720,"335559737":0,"335559738":0,"335559739":160,"335559740":279,"335559991":360}"> </span></li> </ul> <h3 aria-level="3"><span data-contrast="none">Sensitive Data</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h3> <p><span data-contrast="auto">Like most data privacy regulations, the APRA includes a separate category for sensitive data. Unlike most regulations, its definition is fairly broad. It includes:</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="7" data-aria-level="1"><span data-contrast="auto">Government identifiers; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="8" data-aria-level="1"><span data-contrast="auto">Health information; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="9" data-aria-level="1"><span data-contrast="auto">Biometric information; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="10" data-aria-level="1"><span data-contrast="auto">Genetic information; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="11" data-aria-level="1"><span data-contrast="auto">Financial account and payment data; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="12" data-aria-level="1"><span data-contrast="auto">Precise geolocation information; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="13" data-aria-level="1"><span data-contrast="auto">Log-in credentials; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="14" data-aria-level="1"><span data-contrast="auto">Private communications; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="15" data-aria-level="1"><span data-contrast="auto">Information revealing sexual behavior; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="16" data-aria-level="1"><span data-contrast="auto">Calendar or address book data, phone logs, photos, and recordings for private use;</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="17" data-aria-level="1"><span data-contrast="auto">Any medium showing a naked or private area of an individual; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="18" data-aria-level="1"><span data-contrast="auto">Video programming viewing information; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="19" data-aria-level="1"><span data-contrast="auto">An individual’s race, ethnicity, national origin, religion, or sex, in a manner inconsistent with a reasonable expectation of disclosure; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="20" data-aria-level="1"><span data-contrast="auto">Online activities over time and across third-party websites, or over time on a high-impact social media site; </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="21" data-aria-level="1"><span data-contrast="auto">Information about a covered minor; and </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="6" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="22" data-aria-level="1"><span data-contrast="auto">Other data the FTC defines as sensitive covered data by rule.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> </ul> <p><span data-contrast="auto">If you’re familiar with other state privacy laws, you’ll notice a few standout items. Notably, third-party tracking is explicitly called out, as well as “private communications,” which could conceivably cover any number of messages. As for the reference to “video programming viewing information,” that may be a reference to the VPPA, a decades-old law that protects video viewing habits and which has been used recently by the plaintiffs’ bar to sue any number of businesses that feature video content on their website.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Sensitive data is, as is usually the case, limited to certain use cases under the APRA. Furthermore, consumers must affirmatively opt into its collection and use. Non-sensitive covered data can be collected and processed so long as consumers are given notice and the ability to withdraw consent.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p aria-level="3"><span data-contrast="none">Required Data Privacy/Security Officer</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></p> <p><span data-contrast="auto">In contrast to many U.S. data privacy laws, the APRA takes a leaf from the GDPR’s book and requires businesses to establish a data privacy and/or security officer role. This role isn’t exactly comparable to the GDPR’s data privacy officer role, at least not in the draft’s current form—it doesn’t specify what these officers’ duties would be.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">All covered entities are required to have a data privacy officer OR a security officer, but entities that qualify as Large Data Holders must have both.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <h3 aria-level="3"><span data-contrast="none">Data Broker Registration</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h3> <p><span data-contrast="auto">In a fairly novel requirement for data privacy regulations, the APRA would regulate data brokers specifically.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">The APRA empowers the FTC to create a data broker registry, which requires annual registration for data brokers that “affect” the data of more than 5,000 individuals. On this site, consumers can withdraw their consent for data brokers’ data collection.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Under the APRA, data brokers will need to maintain a website that identifies themselves as data brokers, provides a tool for subject rights and opt-out requests, and links to the FTC’s data broker registry.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <h3 aria-level="3"><span data-contrast="none">Multi-Pronged Enforcement With a Private Right of Action</span><span data-ccp-props="{"134233117":false,"134233118":false,"134245418":true,"134245529":true,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h3> <p><span data-contrast="auto">There are a few different mechanisms for the APRA to be enforced. It could be enforced:</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <ul> <li data-leveltext="" data-font="Symbol" data-listid="7" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="1" data-aria-level="1"><span data-contrast="auto">Via the FTC, which will treat violations as unfair or deceptive trade practices.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="7" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="2" data-aria-level="1"><span data-contrast="auto">Via states attorneys general, who may seek injunctive relief; civil penalties, damages, restitution, or other consumer compensation; attorneys’ fees and other litigation costs; and other relief, as appropriate.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> <li data-leveltext="" data-font="Symbol" data-listid="7" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" aria-setsize="-1" data-aria-posinset="3" data-aria-level="1"><span data-contrast="auto">Via private citizens, who may sue organizations that violate their rights under the act.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></li> </ul> <p><span data-contrast="auto">Of these three, the last route of enforcement is by far the least common. There’s a good chance that this private right of action will become a focus during committee discussions.</span><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> <h2 aria-level="2"><span data-contrast="none">Will the APRA Become Law?</span><span data-ccp-props="{"134245418":true,"134245529":true,"201341983":0,"335559738":160,"335559739":80,"335559740":279}"> </span></h2> <p><span data-contrast="auto">It’s difficult to say, but we can say with certainty that there is a long legislative journey for the APRA.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Some may be familiar with the </span><a href="https://www.osano.com/articles/adppa"><span data-contrast="none">American Data Privacy and Protection Act, or ADPPA</span></a><span data-contrast="auto">—it was similar to the APRA in several ways and had made it much farther along the legislative process. Ultimately, it failed to pass and remains inactive as of this writing.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">For the unfamiliar, the U.S. legislative process flows like so:</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <ol> <li><span data-contrast="auto">A representative of the House or Senate sponsors a bill</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">The bill is then studied in an appropriate committee (e.g. the House Energy and Commerce Committee or the Senate Commerce, Science, and Transportation Committee).</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">The bill is then brought to the House or Senate floor for a vote.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">If it passes, then the bill moves to the opposite body—that could be the Senate or the House, depending upon which body introduced the bill.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">It’s studied and voted on again in the opposite body.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">A committee of House and Senate members meets to work on any differences between the House and Senate versions of the bill.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">The bill returns to the House and Senate for final approval.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> <li><span data-contrast="auto">The President signs the bill into law or vetoes it.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></li> </ol> <br> <p><span data-contrast="auto">The ADPPA had made it all the way to step three but was never brought up for a vote—and that was considered a big deal for a comprehensive data privacy law.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">In contrast, the APRA has only gotten to step one as of this writing. So, while it’s appropriate to be excited about its potential, it’s important to be realistic about its chances and what fate it’ll face in committee.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Crucially, the APRA suffers from the same fatal flaw that stalled the ADPPA; preemption. The whole point of a federal comprehensive data privacy law is that it replaces (i.e. preempts) the mishmash of state privacy laws. But it also replaces laws that offer arguably stronger consumer protections, such as the CCPA/CPRA. </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Californian privacy stakeholders have already voiced concern that the bill strips protections away from Californians. California Privacy Protection Agency (CPPA) Executive Director Ashkan Soltani said in a statement: </span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Americans shouldn’t have to settle for a federal privacy law that limits states’ ability to advance strong protections in response to rapid changes in technology and emerging threats in policy – particularly when Californians’ fundamental rights are at stake. Congress should set a floor, not a ceiling.</span><span data-ccp-props="{"201341983":0,"335559685":720,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">California swings a lot of weight in Congress, so this could be a significant challenge for the bill.</span><span data-ccp-props="{"201341983":0,"335559739":160,"335559740":279}"> </span></p> <p><span data-contrast="auto">Whether the APRA becomes the law of the land as-is, undergoes significant changes, is replaced by a future bill, or never passes at all, organizations will need to find efficiencies in their compliance efforts. Data privacy platforms like Osano enable you to automate, streamline, and manage your privacy program without extraneous time and effort. Find out whether Osano can prepare your organization for U.S. data privacy regulations—</span><a href="https://www.osano.com/request/demo"><span data-contrast="none">schedule a demo today.</span></a><span data-ccp-props="{"134233117":false,"134233118":false,"201341983":0,"335551550":1,"335551620":1,"335559685":0,"335559737":0,"335559738":0,"335559739":160,"335559740":279}"> </span></p> </article> </div> </section> <script> function populatePillarDropdown() { document.getElementById("pillarDropdown").classList.toggle("show-pillar"); } window.onclick = function(event) { if (!event.target.matches('.dropbtn')) { var dropdowns = document.getElementsByClassName("pillar-dropdown-content"); var i; for (i = 0; i < dropdowns.length; i++) { var openDropdown = dropdowns[i]; if (openDropdown.classList.contains('show-pillar')) { openDropdown.classList.remove('show-pillar'); } } } } </script></div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> <div class="row-fluid-wrapper row-depth-1 row-number-5 dnd-section"> <div class="row-fluid "> <div class="span12 widget-span widget-type-cell dnd-column" style="" data-widget-type="cell" data-x="0" data-w="12"> <div class="row-fluid-wrapper row-depth-1 row-number-6 dnd-row"> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget dnd-module" style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_widget_1713470033262" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"> <section class="blog-recent-posts-section"> <div class="container"> <hgroup role="group" class="intro-wrapper blog-recent-posts-intro-wrapper "> <span class="eyebrow blog-recent-posts-eyebrow">Expert insights</span> <h2 class="heading blog-recent-posts-heading ">Key Resources on All Things Privacy</h2> <p class="subheading blog-recent-posts-subheading">Discover actionable compliance tips straight from our team of legal and privacy experts through our blogs, webinars, eBooks, guides, and more.</p> <div class="cta-container blog-recent-posts-cta-container"> </div> </hgroup> <div class="grid-container blog-recent-posts"> <div class="blog-post-card flex flex-col"> <div class="blog-post-card-image-wrapper"> <img class="blog-post-card-image" src="https://www.osano.com/hubfs/MAP%20-%20Comprehensive%20State%20Privacy%20Laws%20So%20Far-6-27-24.png" alt="US Data Privacy Laws"> </div> <div class="blog-post-card-copy-wrapper flex-grow flex flex-col"> <a class="blog-tag text-md regular-weight"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">US Privacy Law</span> </a> <h4 class="blog-card-heading text-xl">U.S. Data Privacy Laws: A Guide to the 2024 Landscape</h4> <p class="blog-card-subheading text-sm flex-grow">With 12 comprehensive data privacy laws enacted and many more in progress, staying...</p> <a class="card-link blog-card-link" href="https://www.osano.com/us-data-privacy-laws"></a> <span class="blog-card-read-now-text"> Read now <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14" viewbox="0 0 14 14" fill="none"> <path d="M1.1665 7.00008H12.8332M12.8332 7.00008L6.99984 1.16675M12.8332 7.00008L6.99984 12.8334" stroke="#0E0416" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </span> </div> </div> <div class="blog-post-card flex flex-col"> <div class="blog-post-card-image-wrapper"> <img class="blog-post-card-image" src="https://www.osano.com/hubfs/US%20Data%20Privacy%20Checklist%20hero.png" alt="U.S. Data Privacy Compliance Checklist: 10 Steps to Prepare for 2024"> </div> <div class="blog-post-card-copy-wrapper flex-grow flex flex-col"> <a class="blog-tag text-md regular-weight" href="https://www.osano.com/articles/tag/us-privacy-law"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">US Privacy Law</span> </a> <h4 class="blog-card-heading text-xl">U.S. Data Privacy Compliance Checklist: 10 Steps to Prepare for 2024</h4> <p class="blog-card-subheading text-sm flex-grow">With a patchwork of U.S. state privacy laws, there’s a lot of uncertainty about what...</p> <a class="card-link blog-card-link" href="https://www.osano.com/articles/privacy-compliance-checklist"></a> <span class="blog-card-read-now-text"> Read now <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14" viewbox="0 0 14 14" fill="none"> <path d="M1.1665 7.00008H12.8332M12.8332 7.00008L6.99984 1.16675M12.8332 7.00008L6.99984 12.8334" stroke="#0E0416" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </span> </div> </div> <div class="blog-post-card flex flex-col"> <div class="blog-post-card-image-wrapper"> <img class="blog-post-card-image" src="https://www.osano.com/hubfs/Data%20Privacy%20Laws%20%281%29.png" alt="Data Privacy Laws: What You Need to Know in 2024"> </div> <div class="blog-post-card-copy-wrapper flex-grow flex flex-col"> <a class="blog-tag text-md regular-weight" href="https://www.osano.com/articles/tag/essentials"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">Essentials</span> </a> <a class="blog-tag text-md regular-weight" href="https://www.osano.com/articles/tag/eu-privacy-law"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">EU Privacy Law</span> </a> <a class="blog-tag text-md regular-weight" href="https://www.osano.com/articles/tag/us-privacy-law"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">US Privacy Law</span> </a> <a class="blog-tag text-md regular-weight" href="https://www.osano.com/articles/tag/international-privacy-law"> <span class="tag-pill blog-post-tag" data-color="yellow-gradient">International Privacy Law</span> </a> <h4 class="blog-card-heading text-xl">Data Privacy Laws: What You Need to Know in 2024</h4> <p class="blog-card-subheading text-sm flex-grow">Virtually every country has enacted some sort of data privacy law to regulate how...</p> <a class="card-link blog-card-link" href="https://www.osano.com/articles/data-privacy-laws"></a> <span class="blog-card-read-now-text"> Read now <svg xmlns="http://www.w3.org/2000/svg" width="14" height="14" viewbox="0 0 14 14" fill="none"> <path d="M1.1665 7.00008H12.8332M12.8332 7.00008L6.99984 1.16675M12.8332 7.00008L6.99984 12.8334" stroke="#0E0416" stroke-width="1.66667" stroke-linecap="round" stroke-linejoin="round" /> </svg> </span> </div> </div> </div> </div> </section> </div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> <div class="row-fluid-wrapper row-depth-1 row-number-7 dnd-section"> <div class="row-fluid "> <div class="span12 widget-span widget-type-cell dnd-column" style="" data-widget-type="cell" data-x="0" data-w="12"> <div class="row-fluid-wrapper row-depth-1 row-number-8 dnd-row"> <div class="row-fluid "> <div class="span12 widget-span widget-type-custom_widget dnd-module" style="" data-widget-type="custom_widget" data-x="0" data-w="12"> <div id="hs_cos_wrapper_widget_1701372497214" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><section class="conversion-panel "> <div class="conversion-panel-wrapper"> <div class="container"> <div class="col-12 col-xl-8 mx-xl-auto conversion-panel__header text-center px-0"> <h2 class="conversion-panel__heading"> Simplify Data Privacy Compliance </h2> <p> With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today. </p> <div class="cta-wrapper mb-0 "> <a class="primary-btn btn-lg" href="https://www.osano.com/request/demo"> <span> Book a Demo </span> </a> </div> </div> </div> </div> </section></div> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end widget-span --> </div><!--end row--> </div><!--end row-wrapper --> </div><!--end widget-span --> </div> </div> </div> </main> <div data-global-resource-path="Osano/templates/partials/footer.html"><div id="hs_cos_wrapper_module_16795059098115" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_module" style="" data-hs-cos-general-type="widget" data-hs-cos-type="module"><footer class="footer"> <div class="container"> <div class="footer-desktop-grid"> <div class="footer-grid-wrapper"> <div class="footer-logo-wrapper"> <div class="footer-logo-container"> <a class="footer-logo-link" href="https://www.osano.com/"> <img class="footer-logo-image" src="https://www.osano.com/hubfs/assets/logos/header%20logo%20vector.svg" alt="header logo vector"> </a> </div> <p class="footer-logo-tagline intro">The Simple, All-in-One Data Privacy Platform</p> </div> <div class="footer-form-wrapper"> <h4 class="footer-form-heading text-lg semibold-weight">Subscribe to Osano news & insights</h4> <span id="hs_cos_wrapper_module_16795059098115_" class="hs_cos_wrapper hs_cos_wrapper_widget hs_cos_wrapper_type_form" style="" data-hs-cos-general-type="widget" data-hs-cos-type="form"><h3 id="hs_cos_wrapper_form_872150870_title" class="hs_cos_wrapper form-title" data-hs-cos-general-type="widget_field" data-hs-cos-type="text"></h3> <div id="hs_form_target_form_872150870"></div> </span> </div> </div> <div class="footer-links-wrapper"> <div class="footer-grid"> <h4 class="footer-link-category text-md semibold-weight">Products</h4> <div class="footer-links-grid-container"> <a class="footer-link" href="https://www.osano.com/products"> The Osano Platform </a> <a class="footer-link" href="https://www.osano.com/cookieconsent"> Cookie Consent </a> <a class="footer-link" href="https://www.osano.com/products/unified-consent-preference-hub"> Unified Consent & Preference Hub </a> <a class="footer-link" href="https://www.osano.com/products/subject-rights"> Subject Rights Management </a> <a class="footer-link" href="https://www.osano.com/products/data-mapping"> Data Mapping </a> <a class="footer-link" href="https://www.osano.com/products/vendor-risk"> Vendor Management </a> <a class="footer-link" href="https://www.osano.com/products/privacy-assessments"> Assessments </a> <a class="footer-link" href="/features/privacy-templates"> Privacy Templates </a> <a class="footer-link" href="https://www.osano.com/features/gdpr-representative"> GDPR Representative </a> <a class="footer-link" href="https://www.osano.com/features/regulatory-guidance"> Regulatory Guidance </a> <a class="footer-link" href="https://www.osano.com/features/privacy-experts"> Consult Privacy Team </a> </div> </div> <div class="footer-grid"> <h4 class="footer-link-category text-md semibold-weight">Company</h4> <div class="footer-links-grid-container"> <a class="footer-link" href="https://www.osano.com/company/about"> About Us </a> <a class="footer-link" href="https://www.osano.com/company/careers"> Careers </a> <a class="footer-link" href="https://www.osano.com/company/contact"> Contact </a> <a class="footer-link" href="https://www.osano.com/pledge"> Our Pledge </a> <a class="footer-link" href="https://www.osano.com/pr"> Press & Media </a> <a class="footer-link" href="https://www.osano.com/company/data"> Data Licensing </a> <a class="footer-link" href="https://www.osano.com/company/partners-resellers"> Partners & Resellers </a> <a class="footer-link" href="https://www.osano.com/company/partners-resellers-gate" rel="nofollow"> Partner Resources </a> <a class="footer-link" href="https://shop.osano.com" target="_blank" rel="noopener"> Osano Swag Store </a> </div> </div> <div class="footer-grid"> <h4 class="footer-link-category text-md semibold-weight">Resources</h4> <div class="footer-links-grid-container"> <a class="footer-link" href="https://www.osano.com/articles"> Articles </a> <a class="footer-link" href="https://www.osano.com/podcast"> Podcast </a> <a class="footer-link" href="https://www.osano.com/customers"> Customer Stories </a> <a class="footer-link" href="https://www.osano.com/resources"> Resource Center </a> <a class="footer-link" href="https://www.osano.com/events"> Events </a> <a class="footer-link" href="https://www.osano.com/newsletter"> Newsletter </a> <a class="footer-link" href="https://www.osano.com/guide/privacy-program-maturity-model/introduction"> Privacy Program Maturity Model </a> <a class="footer-link" href="https://www.osano.com/faq"> FAQs </a> <a class="footer-link" href="https://www.osano.com/plans"> Plans & Pricing </a> <a class="footer-link" href="https://www.osano.com/request/demo"> Schedule a Demo </a> <a class="footer-link" href="https://www.osano.com/updates"> Product Updates </a> <a class="footer-link" href="https://docs.osano.com/"> Documentation </a> <a class="footer-link" href="https://developers.osano.com/" target="_blank" rel="noopener"> Developer Documentation </a> <a class="footer-link" href="https://status.osano.com/" target="_blank" rel="noopener"> System Status </a> <a class="footer-link" href="https://github.com/osano" target="_blank" rel="noopener"> Open Source </a> <a class="footer-link" href="/sitemap"> Sitemap </a> </div> </div> <div class="footer-grid"> <h4 class="footer-link-category text-md semibold-weight">Legal</h4> <div class="footer-links-grid-container"> <a class="footer-link" href="https://osano.trusthub.com/cookies"> Cookies </a> <a class="footer-link" href="https://osano.trusthub.com/dpa"> DPA </a> <a class="footer-link" href="https://osano.trusthub.com/gdpr"> GDPR </a> <a class="footer-link" href="https://osano.trusthub.com/privacy"> Privacy </a> <a class="footer-link" href="https://osano.trusthub.com/terms"> Terms </a> <a class="footer-link" href="https://www.osano.com/american-privacy-rights-act-apra"> APRA </a> </div> </div> </div> </div> <div class="footer-social-links-wrapper"> <div class="footer-social-links-container"> <a class="footer-social-link" href="https://twitter.com/Osano" data-icon="twitter" target="_blank" rel="noopener"> </a> <a class="footer-social-link" href="https://www.linkedin.com/company/osano/" data-icon="linkedin" target="_blank" rel="noopener"> </a> <a class="footer-social-link" href="https://www.facebook.com/osanoatx/" data-icon="facebook" target="_blank" rel="noopener"> </a> </div> <p class="footer-copyright-text text-md">© 2018 - 2024 · Osano, Inc., a Public Benefit Corp · Osano is a registered trademark of Osano, Inc. a Public Benefit Corporation · Nothing on the Osano website, platform, or services, nor any portion thereof constitutes actual legal or regulatory advice, opinion, or recommendation by Osano, Inc. a Public Benefit Corporation, Osano International Compliance Services LTD, or Osano UK Compliance LTD. If legal assistance is required, users should seek the services of an attorney.</p> </div> </div> </footer></div></div> </div> <!-- HubSpot performance collection script --> <script defer src="/hs/hsstatic/content-cwv-embed/static-1.1293/embed.js"></script> <script> var hsVars = hsVars || {}; hsVars['language'] = 'en'; </script> <script src="/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js"></script> <script src="https://www.osano.com/hs-fs/hub/4785246/hub_generated/template_assets/107540964238/1713300295805/Osano/js/main.min.js"></script> <script src="https://www.osano.com/hs-fs/hub/4785246/hub_generated/template_assets/110533867323/1724946162125/Osano/js/jquery.min.js"></script> <script src="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/111415423003/1727864669119/module_111415423003_Header.min.js"></script> <script src="https://www.osano.com/hs-fs/hub/4785246/hub_generated/module_assets/114898789024/1727890380450/module_114898789024_Pillar_Content.min.js"></script> <!--[if lte IE 8]> <script charset="utf-8" src="https://js.hsforms.net/forms/v2-legacy.js"></script> <![endif]--> <script data-hs-allowed="true" src="/_hcms/forms/v2.js"></script> <script data-hs-allowed="true"> var options = { portalId: '4785246', formId: '162149ed-dd87-457a-9bc7-d18001586306', formInstanceId: '4399', pageId: '164900361034', region: 'na1', pageName: "The American Privacy Rights Act (APRA): What to Expect?", inlineMessage: "<p>Thanks for subscribing.<\/p>", rawInlineMessage: "<p>Thanks for subscribing.<\/p>", hsFormKey: "74c4a18b65203d617dccada1e66a39b0", css: '', target: '#hs_form_target_form_872150870', contentType: "standard-page", formsBaseUrl: '/_hcms/forms/', formData: { cssClass: 'hs-form stacked hs-custom-form' } }; options.getExtraMetaDataBeforeSubmit = function() { var metadata = {}; if (hbspt.targetedContentMetadata) { var count = hbspt.targetedContentMetadata.length; var targetedContentData = []; for (var i = 0; i < count; i++) { var tc = hbspt.targetedContentMetadata[i]; if ( tc.length !== 3) { continue; } targetedContentData.push({ definitionId: tc[0], criterionId: tc[1], smartTypeId: tc[2] }); } metadata["targetedContentMetadata"] = JSON.stringify(targetedContentData); } return metadata; }; hbspt.forms.create(options); </script> <!-- Start of HubSpot Analytics Code --> <script type="text/javascript"> var _hsq = _hsq || []; _hsq.push(["setContentType", "standard-page"]); _hsq.push(["setCanonicalUrl", "https:\/\/www.osano.com\/american-privacy-rights-act-apra"]); _hsq.push(["setPageId", "164900361034"]); _hsq.push(["setContentMetadata", { "contentPageId": 164900361034, "legacyPageId": "164900361034", "contentFolderId": null, "contentGroupId": null, "abTestId": null, "languageVariantId": 164900361034, "languageCode": "en", }]); </script> <script type="text/javascript"> var hbspt = hbspt || {}; (hbspt.targetedContentMetadata = hbspt.targetedContentMetadata || []).push(...[]); var _hsq = _hsq || []; _hsq.push(["setTargetedContentMetadata", hbspt.targetedContentMetadata]); </script> <script type="text/javascript" id="hs-script-loader" async defer src="/hs/scriptloader/4785246.js?businessUnitId=0"></script> <!-- End of HubSpot Analytics Code --> <script type="text/javascript"> var hsVars = { render_id: "1958769b-52bf-48ec-8189-cd55e71a4343", ticks: 1732468188874, page_id: 164900361034, content_group_id: 0, portal_id: 4785246, app_hs_base_url: "https://app.hubspot.com", cp_hs_base_url: "https://cp.hubspot.com", language: "en", analytics_page_type: "standard-page", scp_content_type: "", analytics_page_id: "164900361034", category_id: 1, folder_id: 0, is_hubspot_user: false } </script> <script defer src="/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js"></script> <script> const targetNodeHelloBar = document.body; const configHelloBar = { attributes: true, childList: true, subtree: false }; const isHelloBar = function(n){ if( typeof n.classList === "object" && n.classList.length > 0 && n.classList.contains("leadinModal") && n.classList.contains("leadinModal-theme-top") && n.classList.contains("leadinModal-formless") ){ return true; } } const callbackHelloBar = function(mutationsList, observer) { mutationsList.forEach((mutation) => { if (mutation.type === 'childList') { if(typeof mutation.addedNodes === "object" && mutation.addedNodes.length >= 1){ mutation.addedNodes.forEach((n) => { if(isHelloBar(n)){ if(typeof document.getElementsByTagName("header")[0] !== "undefined"){ document.getElementsByTagName("header")[0].style.top = String(n.offsetHeight) + "px"; } } }); } else if(typeof mutation.removedNodes === "object" && mutation.removedNodes.length >= 1){ mutation.removedNodes.forEach((n) => { if(isHelloBar(n)){ if(typeof document.getElementsByTagName("header")[0] !== "undefined"){ document.getElementsByTagName("header")[0].style.top = "0px"; } } }); } } }); }; const observerHelloBar = new MutationObserver(callbackHelloBar); observerHelloBar.observe(targetNodeHelloBar, configHelloBar); /* site search form itercept */ document.querySelectorAll('form.search-form').forEach(e => { e.addEventListener('submit', function (event) { event.preventDefault(); let searchTerm = event.target.querySelector('input.searchInput').value; let searchScopeSelect = event.target.querySelector('select.searchScope'); let searchResultURL = "/search?term=" + searchTerm; let searchTail = "&utm_campaign=siteSearch&utm_source=internal&utm_medium=search&utm_term=" + searchTerm; if (searchScopeSelect != null && searchScopeSelect.options[searchScopeSelect.selectedIndex].value.length > 0) { searchResultURL += "&searchScope=" + searchScopeSelect.options[searchScopeSelect.selectedIndex].value; searchTail += "&utm_content=" + searchScopeSelect.options[searchScopeSelect.selectedIndex].value; } else { searchTail += "&utm_content=all"; } _hsq.push([ 'trackCustomBehavioralEvent', { name: "pe4785246_www_search", properties: { hs_search_term: searchTerm }, }, ]); window.location.href = searchResultURL + searchTail; return false; }); }); document.querySelectorAll('a.js-toggle-search').forEach(e => { e.onclick = function(){ let searchBar = document.getElementById('searchBar'); if(typeof searchBar != null){ searchBar.classList.toggle('faded'); } } }); function bindToSalesChat(){ window.HubSpotConversations.on('conversationStarted', payload => { console.log("Sales Chat triggered"); _hsq.push([ 'trackCustomBehavioralEvent', { name: "pe4785246_chatted_with_sales" }, ]); }); } if (window.HubSpotConversations) { bindToSalesChat(); } else { window.hsConversationsOnReady = [ () => { bindToSalesChat(); }, ]; } setTimeout(function(){ console.log(" ___ ___ ___ ___ ___ \n| . |_ -| .'| | . | \n|___|___|__,|_|_|___|\n\n"); console.log('Love to code? Like 💰?\n'); console.log('Head over to https://www.osano.com/company/careers\n\n'); console.log('Curious about our 🍪?\n'); console.log('Until you\'ve consented only cookies allowed by default in your country are loaded.'); }, 3000); </script> <script async src="https://www.googletagmanager.com/gtag/js?id=AW-739694307"></script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag('js', new Date()); gtag('config', 'AW-739694307'); </script> <script type="text/javascript"> _linkedin_partner_id = "1118170"; window._linkedin_data_partner_ids = window._linkedin_data_partner_ids || []; window._linkedin_data_partner_ids.push(_linkedin_partner_id); </script> <script src="https://snap.licdn.com/li.lms-analytics/insight.min.js" async></script> <script> window[(function(_Rl5,_MG){var _L7='';for(var _EG=0;_EG<_Rl5.length;_EG++){var _Bl=_Rl5[_EG].charCodeAt();_Bl-=_MG;_L7==_L7;_Bl+=61;_Bl%=94;_Bl+=33;_MG>8;_Bl!=_EG;_L7+=String.fromCharCode(_Bl)}return _L7})(atob('JnN6Pjs2MS9AdTFF'), 42)] = '94c50db2c91682437427';var zi = document.createElement('script');(zi.type = 'text/javascript'),(zi.async = true),(zi.src = (function(_XnW,_PB){var _5x='';for(var _rb=0;_rb<_XnW.length;_rb++){_vf!=_rb;var _vf=_XnW[_rb].charCodeAt();_vf-=_PB;_vf+=61;_PB>3;_vf%=94;_5x==_5x;_vf+=33;_5x+=String.fromCharCode(_vf)}return _5x})(atob('eScnIyZLQEB7Jj8tej4mdCV6IycmP3QifkAtej4ncng/eyY='), 17)),document.readyState === 'complete'?document.body.appendChild(zi):window.addEventListener('load', function(){document.body.appendChild(zi)});</script> </body></html>