Loading
Loading
Your feedback directly shapes Sporos.
Sign in to track your feedback history
Regulation of data brokers; civil penalties. Prohibits a person from acquiring personally identifiable information, defined in the bill, through fraudulent means or acquiring and using such information for the purpose of (i) stalking or harassing another person; (ii) committing a fraud, including identity theft, financial fraud, or email fraud; or (iii) engaging in unlawful discrimination, including employment discrimination or housing discrimination. The bill requires a data broker, defined in the bill, to develop, implement, and maintain a comprehensive information security program that includes certain features and technical elements. The bill also requires a data broker operating in the Commonwealth, beginning on December 1, 2027, and annually thereafter, to register with the Secretary of the Commonwealth. The bill provides that a violation of its provisions constitutes a prohibited practice under the Virginia Consumer Protection Act. The bill has a delayed effective date of July 1, 2027.
Introduced
Jan 13, 2026
Last Action
Feb 9, 2026
Session
VA 2026
Sponsors
1 primary · 2 co
Continued to next session in Communications, Technology and Innovation (Voice Vote)
House subcommittee offered
Subcommittee recommends continuing to (Voice Vote)
Assigned HST sub: Technology and Innovation
Prefiled and ordered printed; Offered 01-14-2026 26105301D
Referred to Committee on Communications, Technology and Innovation
Get a plain-English explanation of what this bill does, who it affects, and why it matters.
Continued to next session in Communications, Technology and Innovation (Voice Vote)
Michelle Lopes Maldonado
Bonita G. Anthony
Rozia A. Henson, Jr.