A series of bad headlines about location data revealing individuals’ visits to abortion clinics, gun shops and addiction recovery facilities have made companies hesitant to use precise location data. Companies also face a compliance puzzle from the five state privacy laws, which diverge on their obligations, and a voluntary new standard that instructs sellers of location data to remove 13 types of sensitive locations. This article, the second of a two-part series, examines new legal requirements, looks at the potential impact of the new standard among companies and regulators, and provides compliance insights for companies seeking to use location data. Part one examined two enforcement actions addressing location data. See “Recent FTC Cases Highlight Evolving Regulatory Expectations in the Use of Multi-Factor Authentication” (Dec. 14, 2022).