▼ CLICK BELOW TO EXPLORE ▼
A DECADE+ OF STORYTELLING POWERED BY THE BEST WRITERS ON THE PLANET

BE PART OF THE LEGACY

TAMPA BAY • FEBRUARY 23-24 2026

This FINAL encore experience will be unlike any other. Because like everything we do, it's been "reimagined" from beginning to end. It's not a virtual or hybrid event. It's not a conference. It's not a seminar, a workshop, a meeting, or a symposium. And it's not your typical run-of-the-mill everyday event crammed with stages, keynote speeches, team-building exercises, PowerPoint presentations, and all the other conventional humdrum. Because it's up close & personal by design. Where conversation trumps presentation. And where authentic connection runs deep.

Why Big Tech Backs Virginia’s New Privacy Bill

–Featuring Special Guest Author Heinrich Long

Last month, Virginia became just the second state in the US to pass a bill that is specifically designed to protect consumer data. Virginia’s Consumer Data Protection Act follows California’s CCPA, but also has significant differences. That’s because the law has been drafted with a good deal of input from tech firms, an aspect which – critics say – undermines the purpose of the act.

In this article, we’ll take a look at the new bill, whether the criticisms made of it are justified, and what it means for the ongoing debate about homeland security vs. data privacy.

Business First

Perhaps the most notable feature of Virginia’s new bill, especially in comparison to similar bills that are slowly crawling through state and federal legislatures, was how quickly it passed. Gov. Ralph Northam, when signing the bill into law, explicitly noted this point, and said that the fact that Virginia was able to pass such significant legislation without a major fight is a testament to the quality of the bill. Specifically, he said, the fact that the bill protected tech companies from a flood of data-related lawsuits meant that lawmakers were more comfortable giving it their approval.

That is very likely the case. The bill, unlike similar legislation in California and elsewhere, was drafted in consultation with industry bodies. This means that it offers tech companies more protection, and more leeway, than similar proposed legislation elsewhere. It’s no surprise, therefore, that the Future of Privacy Forum, a data privacy think tank supported by corporate benefactors such as Google, Amazon, Facebook and Twitter, hailed the passage of the Virginia bill as a “significant milestone” on what is quickly becoming a national issue.

For their part, Virginia lawmakers stress that they were keen to pass a law that was friendly not just to business interests but to other large employers in the state. An estimated 70 percent of internet traffic flows through servers in Virginia, because the state contains the headquarters of the CIA, and therefore hosts much of the infrastructure that powers the various global spy alliances. That makes incorporating strong data privacy in the law pretty difficult.

The Bill

The bill takes, as its starting point, similar legislation that has been passed both in Europe (the GDPR) and California (the CCPA). It first defines “personal data” as “any information that is linked or reasonably linkable to an identified or identifiable natural person,” and then grants Virginia consumers rights in relation to this data. Specifically, they can request access to their data and require that it be corrected or deleted.

There are, however, a number of caveats.

The law only applies to companies that keep data on more than 100,000 consumers in a given year or those that make a significant proportion of their income from buying and selling data. In addition, certain types of data are excluded, including data dealing with health care, creditworthiness, driver’s licenses and education.

The most striking limitation of the law, however, is that it places the sole responsibility for ensuring compliance with the Virginia Attorney General’s Office. The office can levy fines on companies which break the provisions of the act, but its powers are quite limited. The office must give companies 30 days notice that it plans to impose a fine. In that time the company can halt any court action by giving the attorney general’s office a written statement promising the violation(s) have been addressed and no more law-breaking will occur. The attorney general’s office could only proceed with enforcement if the company still fails to comply.

Most problematic of all is the fact that entrusting enforcement to the Attorney General’s Office shields companies from being sued. Consumers who believe their rights have been violated will merely have the right to raise the issue with the attorney general – they will not be able to sue the company directly.

The Future

This last aspect of the act – which protects tech firms from court cases – is likely the reason why it has gained such wide support. It might also spell the downfall of the act, however, because even legislators who recently approved the bill are already saying that it doesn’t go far enough.

Specifically, in a world where few actually read privacy policies, some Senators are pointing out that the public might be disappointed with the act that has been passed with so much congratulatory back-slapping. Sen. Scott Surovell (D-Fairfax) warned colleagues directly that they might face questions about why they had limited consumer power under the act.

He said, “Data is property relating to you. And if anybody should have a right to do something about it, it’s the person who is generating the information.” He went on: “The only person who can fight for your rights under this is the attorney general. And I just believe that’s fundamentally wrong.”

A Final Word

Policymakers and tech analysts are waiting to see how these debates play out, not least because the Virginia law has been mentioned as a potential template for a national privacy law. The fight – between individual privacy rights and the business priorities of tech companies – is just beginning, and both experts and public sentiment are still a long way from agreement.

In other words, watch this space, because the future of data privacy just might be decided in Virginia in the next couple of years.


Author Bio: Heinrich Long was born in a small town in the Midwest before setting sail for offshore destinations. Although he long chafed at the global loss of digital privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was long past time to join the fight. Heinrich enjoys traveling the world, while also keeping his location secret and digital tracks covered.

BIZCATALYST 360°
BIZCATALYST 360°https://www.bizcatalyst360.com/about/
WE ARE THE AWARD-WINNING PUBLISHING DIVISION OF 360° NATION —PRESENTING OUR LIFE, CULTURE, AND BIZ MULTIMEDIA DIGEST AS A HUB OF CREATIVE EXPRESSION AND PERSONAL GROWTH. WITH AN EMPHASIS ON ACTION, OUR VAST GLOBAL CONTRIBUTOR COMMUNITY EMPOWERS PEOPLE TO TRANSITION FROM KNOWING WHAT TO DO TO ACTUALLY DOING IT —ALL COMPLEMENTED BY SYNDICATION RELATIONSHIPS WITH A CHOICE GROUP OF EQUALLY INNOVATIVE MEDIA OUTLETS. TODAY AND EVERY DAY, WE SIMPLY DELIVER THE VERY BEST INSIGHTS, INTELLIGENCE, AND INSPIRATION AVAILABLE ANYWHERE —DOING IT OUR WAY BY PLACING OUR WRITERS AND OUR AUDIENCE AT THE FOREFRONT. IT'S MAGICAL. IT'S EVERGREEN. AND QUITE FRANKLY, IT'S JUST GOOD STUFF. PERIOD.

DO YOU HAVE THE "WRITE" STUFF? If you’re ready to share your wisdom of experience, we’re ready to share it with our massive global audience – by giving you the opportunity to become a published Contributor on our award-winning Site with (your own byline). And who knows? – it may be your first step in discovering your “hidden Hemmingway”. LEARN MORE HERE


RECIPIENT OF THE 2024 "MOST COMPREHENSIVE LIFE & CULTURE MULTIMEDIA DIGEST" AWARD

WE ARE NOW FEATURED ON

EXPLORE 360° NATION

ENJOY OUR FREE EVENTS

OUR COMMUNITIES