New Hampshire Privacy Act: 101 – What You Need to Know
New Hampshire became the 15th US state to enact consumer privacy legislation when Governor Chris Sununu signed Senate Bill 255…
Scott Dooley
Scott Dooley is a seasoned entrepreneur and data protection expert with over 15 years of experience in the tech industry. As the founder of Measured Collective and Kahunam, Scott has dedicated his career to helping businesses navigate the complex landscape of data privacy and GDPR compliance.
With a background in marketing and web development, Scott brings a unique perspective to data protection issues, understanding both the technical and business implications of privacy regulations. His expertise spans from cookie compliance to implementing privacy-by-design principles in software development.
Scott is passionate about demystifying GDPR and making data protection accessible to businesses of all sizes. Through his blog, he shares practical insights, best practices, and the latest developments in data privacy law, helping readers stay informed and compliant in an ever-changing regulatory environment.
New Jersey Data Protection Act: 101 – What You Need to Know
New Jersey enacted its Data Protection Act in January 2024, with the law taking effect on January 15 2025. As…
Delaware Personal Data Privacy Act: 101 – What You Need to Know
Delaware enacted its Personal Data Privacy Act in September 2023, joining the growing number of states with consumer privacy legislation.…
Tennessee Information Protection Act: 101 – What You Need to Know
Tennessee passed its Information Protection Act in May 2023, with the law taking effect on July 1 2025. The law…
Iowa Consumer Data Protection Act: 101 – What You Need to Know
Iowa became the sixth US state to enact consumer privacy legislation when Governor Kim Reynolds signed Senate File 262 in…
Utah Consumer Privacy Act: 101 – What You Need to Know
Utah became the fourth US state to enact consumer privacy legislation when Governor Spencer Cox signed the Utah Consumer Privacy…
Montana Consumer Data Privacy Act: 101 – What You Need to Know
Montana passed its Consumer Data Privacy Act in May 2023, with the law taking effect on October 1 2024. The…
Oregon Consumer Privacy Act: 101 – What You Need to Know
Oregon passed its Consumer Privacy Act in July 2023, becoming one of the growing number of US states with consumer…
Vietnam’s New Data Protection Law: What You Need to Know Before January 2026
Vietnam has passed its first comprehensive data protection law. Law No. 91/2025/QH15 on Personal Data Protection (the PDPL) takes effect…
Colorado Privacy Act: 101 – What You Need to Know
Colorado was the third US state to pass a consumer privacy law, following California and Virginia. The Colorado Privacy Act…
Virginia Consumer Data Protection Act: 101 – What You Need to Know
Virginia was the second US state to enact a comprehensive consumer privacy law, following California. The Virginia Consumer Data Protection…
Texas Data Privacy and Security Act: 101 – What You Need to Know
Texas became the largest US state by population to enact a consumer privacy law when Governor Greg Abbott signed the…
California CCPA/CPRA: 101 – What You Need to Know
California was the first US state to pass a consumer privacy law, and it remains the most significant. If your…
The UK Cyber Security and Resilience Bill: What Data Protection Officers Need to Know
The UK Government introduced the Cyber Security and Resilience Bill in November 2025, proposing significant changes to how organisations manage…
ICO’s Public Sector Approach: Why the Post Office Received a Reprimand Instead of a £1m Fine
In December 2025, the ICO concluded its investigation into a data breach that exposed personal information belonging to 502 victims…
The EU’s First DSA Fine: What X’s €120m Penalty Means for Digital Platform Compliance
On 5 December 2025, the European Commission issued its first-ever fine under the Digital Services Act (DSA). X, formerly Twitter,…
EU Digital Omnibus Explained: Will Cookie Banners Finally Disappear?
Cookie fatigue is real. We’ve all done it – visited a website, seen yet another cookie banner, and clicked “Accept…
ICO Enforcement in 2025: Record Fines and What They Mean
The Information Commissioner’s Office issued fewer fines in the first half of 2025 than in previous years. Yet it collected…
GDPR Subject Access Requests When AI Processes Your Data
When someone submits a subject access request (SAR), you have 30 days to respond. For most organisations, this is straightforward.…
What is the UK Cyber Security and Resilience Bill?
In November 2025, the UK government introduced the Cyber Security and Resilience Bill to Parliament, marking the most significant update…