State Privacy Laws Adding ‘Layers of Complexity to Compliance’: Vizio
The “regulatory framework” for data protection, privacy and information security is “evolving rapidly,” said Vizio’s 10-K annual report Thursday at the SEC. The California Consumer Privacy Act (CCPA) “prompted a number of proposals for federal and state privacy legislation,” it said. Virginia enacted the Virginia Consumer Data Protection Act (CDPA) March 2 and Colorado enacted the Colorado Privacy Act (CPA) July 7, “both of which are comprehensive privacy statutes that share similarities” with the CCPA and legislation proposed in other states, it said. “The CDPA and CPA will require us to incur additional costs and expenses in an effort to comply with these new laws before they become effective” Jan. 1, 2023, and July 1, 2023, respectively, it said. “The CDPA, CPA, and any other state or federal legislation that is passed, could increase our potential liability, add layers of complexity to compliance in the U.S. market, increase our compliance costs and adversely affect our business.” At least three states’ privacy bills appeared to fail last week as legislators struggled to reach agreement before their sessions ended (see 2203100062). Vizio settled with the FTC in 2017 over allegations the smart TV vendor collected viewing data on 11 million consumers without their consent or knowledge (see 1702080029). Vizio's "obligations" under the FTC settlement agreement remain in effect through 2037, said the 10-K.