Washington State is working towards the passage of a new privacy law.
Industry likes it.
The ACLU doesn't.
Reading through the actual proposed bill is tedious, but it does have a lot of GDPR-like aspects to it. Unfortunately, it also has lots and lots of wiggle room for corporations who want to avoid provisions for correcting or deleting data they hold (including a wonderful mention of needing info for "legal defense" reasons, which I suspect can be used to invalidate just about any request in the good old United States of Litigiosity).
Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413
This message may or may not be governed by the terms of