Law: Please note this State does not have a general privacy law in effect, you can visit USA State Law Tracker to monitor the progress of US State bills.

Regulator: The Rhode Island Attorney General ('AG')

Summary: There is currently no comprehensive privacy law in Rhode Island. However, the right to privacy is explicitly created by Rhode Island statute, which further provides for a specific right of action violations of such right under §9-1-28.1 of the State of Rhode Island General Laws. In addition, under Rhode Island Identity Theft Protection Act of 2015 under §11-49.3 et seq. of the State of Rhode Island General Laws, there is a requirement that any person that stores, owns, collects, processes, maintains, acquires, uses, or licenses data that includes personal information notify personal data breaches involving unauthorised access to unencrypted computerised records to affected consumers as well as the AG and consumer reporting agencies, if more than 500 consumers may have been affected by the breach. The AG holds the power to sanction violations of the law and issue penalties.