The Illinois Consumer Data Privacy Act establishes consumer rights regarding personal data, including access, correction, and deletion rights, with enforcement by the Attorney General.
If you process personal data of Illinois consumers, you must ensure compliance with consumer rights or face enforcement actions.
What do these statuses mean? ▼
Affected Industries
Topics
What This Means
The Illinois Consumer Data Privacy Act aims to enhance consumer rights over personal data, impacting businesses that handle such data. It establishes rights to access, correct, and delete personal data, as well as opt-out options for targeted advertising. The bill applies to entities processing data of at least 100,000 consumers or 25,000 consumers with over 50% of revenue from data sales and includes enforcement provisions by the Attorney General, who has exclusive authority.
Key Provisions
- Establishes consumer rights to access, correct, and delete personal data.
- Applies to businesses processing data of at least 100,000 consumers or 25,000 consumers with over 50% of revenue from data sales.
- Attorney General has exclusive enforcement authority.
- Creates the Consumer Privacy Fund for enforcement activities.
- Exempts certain entities from the Act's provisions.
- Amends the Freedom of Information Act regarding data assessments.
Latest Legislative Action
Rule 2-10 Committee Deadline Established As April 24, 2026
Compliance Checklist
Who: Businesses processing consumer data in Illinois.
Penalty: Enforcement actions by the Attorney General.
Who: Businesses processing consumer data in Illinois.
Penalty: Enforcement actions by the Attorney General.
Full Legal Analysis
Full Analysis for Subscribers
Get the complete legal breakdown, compliance checklist, enforcement timeline, and expert commentary on SB3220.
Unlock Full Analysis →Related Topics
Affected Industries
More Illinois AI Legislation
View All IL Laws →More Illinois AI Laws
Browse all AI bills and regulations tracked for Illinois.