U.S. state privacy enforcement is increasing as several laws took effect on January 1, 2026. New California regulations
under the CCPA expand requirements for automated decision-making tech, risk assessments, and cybersecurity
audits, and launch the DROP data broker deletion/opt-out platform. Comprehensive privacy laws in Indiana, Kentucky,
and Rhode Island also began, bringing data subject rights, impact assessments, and opt-out rules. Oregon’s privacy
updates and phased implementations further broaden state-level obligations.

Read More Here