For many companies, keeping pace with the nationwide patchwork of ever-changing data privacy compliance requirements has been overwhelming. Adding to the mix, Connecticut and Oregon recently joined Montana, Utah, Virginia and Colorado as part of the handful of states that have made major revisions to their comprehensive data privacy laws in 2025. This first installment of a two-part article series, with insights from McDermott Will & Emery, Hintze Law, Reed Smith and Orrick, covers the latest amendments’ broader threshold and scope, new and expanded definitions of key terms, and enhanced consumer protections. Part two will discuss a new and unique impact assessment obligation, privacy notice requirements, prohibitions on the sale of certain data types, and heightened protections for children and minors. It also will offer practical compliance measures that companies should consider taking before the revised provisions go into effect. See “Connecticut AG’s Report Reveals Privacy Enforcers Reaching Deeper Into Their State Laws” (Apr. 30, 2025).