Over the past three months, in the absence of a comprehensive federal consumer data privacy law, eight U.S. states have grabbed the reins and passed their own laws: Iowa, Indiana, Tennessee, Florida, Montana, Texas, Oregon and Delaware. With insights from partners at Nixon Peabody, Squire Patton Boggs and Husch Blackwell, this first installment of a two-part article series discusses the key provisions and definitions in the first six of the new laws to be enacted and provides recommended privacy program measures for companies operating in multiple states. Part two will focus on the most recent additions, Oregon and Delaware, including some of their unique provisions, and will also address enforcement trends. See our four‑part series on a roadmap for building an efficient global privacy program: “Organizational Structure” (May 4, 2022), “Scope and Prioritization” (May 11, 2022), “Buy-In, Scalability and Outside Resources” (May 18, 2022), and “Maintenance” (Jun. 1, 2022).