Following in the footsteps of California, members of the Washington state legislature introduced the Washington Privacy Act (“WPA”) last month, which would regulate businesses that collect, use, and share the personal data of Washington residents. The WPA is modeled largely on the European Union’s General Data Protection Regulation (“GDPR”) rather than the California Consumer Privacy Act (“CCPA”) and thus would further complicate the landscape for companies doing business in the United States.

The WPA is subject to amendment, and if it passes, may very well look different. Below we provide a summary of key provisions of the bill as introduced.

Read the full analysis here.