SB21-190
Protect Personal Data Privacy
| Type | Bill |
|---|---|
| Session | 2021 Regular Session |
| Subjects |
Concerning additional protection of data relating to personal privacy.
Bill Summary:
The act creates personal data privacy rights and:
- Applies to legal entities that conduct business or produce commercial products or services that are intentionally targeted to Colorado residents and that either:
- Control or process personal data of at least 100,000 consumers per calendar year; or
- Derive revenue from the sale of personal data and control or process the personal data of at least 25,000 consumers; and
- Does not apply to certain specified entities including state and local governments and state institutions of higher education, personal data governed by listed state and federal laws, listed activities, and employment records.
The act defines a "controller" as a person that, alone or jointly with others, determines the purposes and means of processing personal data. A "processor" means a person that processes personal data on behalf of a controller. Consumers have the right to opt out of a controller's processing of their personal data; access, correct, or delete the data; or obtain from a controller a portable copy of the data.
The act:
- Specifies how controllers must fulfill duties regarding consumers' assertion of their rights, transparency, purpose specification, data minimization, avoiding secondary use, care, avoiding unlawful discrimination, and sensitive data;
- Requires controllers to conduct a data protection assessment for each of their processing activities involving personal data that present a heightened risk of harm to consumers, such as processing for purposes of targeted advertising, profiling, selling personal data, or processing sensitive data; and
- Specifies that a violation of its requirements is a deceptive trade practice for purposes of enforcement, but the act may be enforced only by the attorney general or district attorneys.
Local governments are preempted from adopting laws that govern the processing of personal data by controllers or processors. The attorney general may promulgate rules to administer the act and is required to adopt rules detailing technical specifications for a universal opt-out mechanism that controllers must use.
(Note: This summary applies to this bill as enacted.)
Related Documents & Information
| Activity | Vote | Documents |
|---|---|---|
| Refer Senate Bill 21-190 to the Committee of the Whole. | The motion passed on a vote of 11-0. | Vote summary |
| Activity | Vote | Documents |
|---|---|---|
| Adopt amendment L.014 | The motion failed on a vote of 5-6. | Vote summary |
| Adopt amendment L.017 | The motion passed without objection. | Vote summary |
| Adopt amendment L.020 | The motion failed on a vote of 3-8. | Vote summary |
| Adopt amendment L.022 | The motion passed without objection. | Vote summary |
| Adopt amendment L.023 | The motion passed without objection. | Vote summary |
| Adopt amendment L.025 | The motion passed without objection. | Vote summary |
| Adopt amendment L.026 | The motion passed without objection. | Vote summary |
| Adopt amendment L.027 | The motion passed without objection. | Vote summary |
| Adopt amendment L.028 | The motion passed on a vote of 10-1. | Vote summary |
| Refer Senate Bill 21-190, as amended, to the Committee on Appropriations. | The motion passed on a vote of 10-1. | Vote summary |
| Activity | Vote | Documents |
|---|
| Activity | Vote | Documents |
|---|---|---|
| Refer Senate Bill 21-190 to the Committee of the Whole. | The motion passed on a vote of 7-0. | Vote summary |
| Activity | Vote | Documents |
|---|---|---|
| Adopt amendment L.001 | The motion passed without objection. | Vote summary |
| Adopt amendment L.002 | The motion passed without objection. | Vote summary |
| Adopt amendment L.003 | The motion passed without objection. | Vote summary |
| Adopt amendment L.004 | The motion passed without objection. | Vote summary |
| Refer Senate Bill 21-190, as amended, to the Committee on Appropriations. | The motion passed on a vote of 7-0. | Vote summary |
| Date | Calendar | Motion | Vote | Vote Document |
|---|---|---|---|---|
| 06/08/2021 | House Amendments | REPASS |
34
AYE
0
NO
1
OTHER
|
Vote record |
| 06/08/2021 | House Amendments | CONCUR |
34
AYE
0
NO
1
OTHER
|
Vote record |
| 05/26/2021 | Third Reading | BILL |
35
AYE
0
NO
0
OTHER
|
Vote record |
| Date | Calendar | Motion | Vote | Vote Document |
|---|---|---|---|---|
| 06/07/2021 | Third Reading | BILL |
57
AYE
7
NO
1
OTHER
|
Vote record |
| Date | Amendment Number | Committee/ Floor Hearing | Status | Documents |
|---|---|---|---|---|
| 06/04/2021 | L.030 | Second Reading | Passed [**] | |
| 06/04/2021 | L.035 | Second Reading | Passed [**] | |
| 06/02/2021 | L.028 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.027 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.026 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.025 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.023 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.022 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.020 | HOU Finance | Lost | |
| 06/02/2021 | L.017 | HOU Finance | Passed [*] | |
| 06/02/2021 | L.014 | HOU Finance | Lost | |
| 05/25/2021 | L.012 | Second Reading | Passed [**] | |
| 05/25/2021 | L.013 | Second Reading | Lost [**] | |
| 05/05/2021 | L.004 | SEN Business, Labor, & Technology | Passed [*] | |
| 05/05/2021 | L.003 | SEN Business, Labor, & Technology | Passed [*] | |
| 05/05/2021 | L.002 | SEN Business, Labor, & Technology | Passed [*] | |
| 05/05/2021 | L.001 | SEN Business, Labor, & Technology | Passed [*] |
| Date | Location | Action |
|---|---|---|
| 07/07/2021 | Governor | Governor Signed |
| 06/25/2021 | Governor | Sent to the Governor |
| 06/25/2021 | House | Signed by the Speaker of the House |
| 06/25/2021 | Senate | Signed by the President of the Senate |
| 06/08/2021 | Senate | Senate Considered House Amendments - Result was to Concur - Repass |
| 06/07/2021 | House | House Third Reading Passed - No Amendments |
| 06/04/2021 | House | House Second Reading Special Order - Passed with Amendments - Committee, Floor |
| 06/03/2021 | House | House Committee on Appropriations Refer Unamended to House Committee of the Whole |
| 06/03/2021 | House | House Second Reading Special Order - Laid Over Daily - No Amendments |
| 06/02/2021 | House | House Committee on Finance Refer Amended to Appropriations |
| 06/01/2021 | House | House Committee on Finance Witness Testimony and/or Committee Discussion Only |
| 05/27/2021 | House | Introduced In House - Assigned to Finance |
| 05/26/2021 | Senate | Senate Third Reading Passed - No Amendments |
| 05/25/2021 | Senate | Senate Second Reading Passed with Amendments - Committee, Floor |
| 05/20/2021 | Senate | Senate Second Reading Laid Over Daily - No Amendments |
| 05/18/2021 | Senate | Senate Second Reading Laid Over to 05/20/2021 - No Amendments |
| 05/14/2021 | Senate | Senate Committee on Appropriations Refer Unamended to Senate Committee of the Whole |
| 05/05/2021 | Senate | Senate Committee on Business, Labor, & Technology Refer Amended to Appropriations |
| 03/19/2021 | Senate | Introduced In Senate - Assigned to Business, Labor, & Technology |
Prime Sponsor
Sponsor
(None)
Co-Sponsor
| Effective Date | Chapter # | Title | Documents |
|---|---|---|---|
| 07/01/2023 | 483 | Protect Personal Data Privacy |