On January 16, Governor Murphy signed S332 (Sixth Reprint) into law, making New Jersey the 13th or 14th state (depending on if you count Florida) with a consumer privacy law on the books. We previously covered the now enacted law here. S332 applies to controllers and processors who conduct business in the state or produce products or services that are targeted to residents of the state, and meet certain processing thresholds.

In his statement, Governor Murphy specifically addressed enforcement of the law, stating concerns that the bill created a private right of action under other laws due to an amendment that removed language prohibiting “a private right of action ‘under any other law’’” are unfounded. According to Governor Murphy, “nothing in this bill expressly establishes such a private right of action,” and Section 16 of S332 specifically states that “[n]othing in [this law] shall be construed as providing the basis for, or subject to, a private right of action for violations of [this law].”

Most of New Jersey’s consumer privacy law will take effect one year from today, with the requirement to recognize universal opt-out mechanisms (“UOOM”) taking effect eighteen (18) months from the date of enactment. Enforcement will be handled by the New Jersey Attorney General and there will be a cure period for the first eighteen months following the effective date.

For more information, you may review our prior coverage of S332. If you would like to discuss the impact this law may have on your business, feel free to contact the authors or your usual firm contact.

Disclaimer: While every effort has been made to ensure that the information contained in this article is accurate, neither its authors nor Squire Patton Boggs accepts responsibility for any errors or omissions. The content of this article is for general information only, and is not intended to constitute or be relied upon as legal advice.