July 26, 2023
Legaltech News
Currently, there is not one federal law that governs data privacy in the United States. Instead, individual states have passed their own legislation in hopes of providing a comprehensive regulation of data. Oregon and Delaware have now entered the arena by recently passing their own state data privacy laws.
While the two laws have commonalities with the states that came before them, the key difference with Oregon and Delaware is that they have broadened definitions of sensitive data including what constitutes a sale.
“It might demonstrate a maturity of legislatures and oversight organizations in understanding how these laws will work in application,” Finnegan partner and leader of the firm’s privacy practice Lynn Parker Dupree told LegalTech News. “They’ve had some examples of other states passing laws, being able to see from their successes and from their areas of opportunity, where they might want to draft their laws differently. And I think for oversight bodies or enforcement bodies, they want to make sure that they aren’t leaving loopholes.”
The expansion of terms in Delaware’s law for instance, now includes genetic data that adds a new level of detail. Lynn said that “Delaware’s definition of genetic data is also very broad and … very clearly [explains] the gamut of genetic data in a way that I don’t think I have seen in any other law.”
Read “Oregon, Delaware Join Data Privacy Law Patchwork, With Expanded Definitions of Sensitive Data”
Commentary
May 20, 2026
Award/Ranking
Finnegan Partner Antje Brambrink Shortlisted for Women in Business Law EMEA Award
May 13, 2026
Commentary
What xAI’s Challenge to California’s Generative AI Disclosure Law Means for Trade Secrets
January 6, 2026
Due to international data regulations, we’ve updated our privacy policy. Click here to read our privacy policy in full.