If Iowa Governor Kim Reynolds signs Senate File (SF) 262, the Hawkeye State will become the sixth state to adopt a comprehensive consumer privacy law. Iowa’s House and Senate have both passed Senate File 262 unanimously. If approved, SF 262 will go into effect January 1, 2025.
The potential addition of another state privacy law to those that are already on the books in California, Colorado, Connecticut, Utah, and Virginia is significant in its own right. However, SF 262 doesn’t provide any novel rights for consumers or requirements on companies. Rather, it stays within the boundaries established by other state privacy laws and closely resembles the Utah Consumer Privacy Act (UCPA), with a few additional business-friendly terms.
Broad Exemptions and Limited Controller Duties. SF 262 would provide consumers a rights to confirm processing of personal data; obtain a copy of personal data; delete personal data provided by the consumer; and opt-out of the Sale of personal data and Targeted Advertising.