August 5, 2020

Volume X, Number 218

August 05, 2020

Subscribe to Latest Legal News and Analysis

August 04, 2020

Subscribe to Latest Legal News and Analysis

August 03, 2020

Subscribe to Latest Legal News and Analysis

Nevada Passes Opt-out Privacy Law, Effective October 1, 2019

While businesses prepare to comply with the California Consumer Privacy Act (CCPA), Nevada has followed California’s lead and has amended its law to provide consumers with the right to opt-out of the “sale” of their personal information by website operators.

The amendment, SB 220, will take effect October 1, 2019, three months before the effective date of the CCPA. Accordingly, nationwide website operators focusing on CCPA compliance now will also need to make changes to their posted privacy notices and internal procedures to comply with the Nevada law by October.

Under the new law, covered operators must provide consumers with notice of a designated email, toll-free phone, or website address to submit opt-out requests. Operators will have 60 days to respond to “verified requests” to opt-out. The legislation defines a “verified request” as a request for which “an operator can reasonably verify the authenticity of the request and the identity of the consumer using commercially reasonable means,” but does not define what constitutes “commercially reasonable means.”

While the opt-out concept is similar to the heart of CCPA, Nevada’s definition of a “sale” is narrower than under CCPA. Nevada’s definition is limited to “the exchange of covered information for monetary consideration by the operator to a person for the person to license or sell the covered information to additional persons,” whereas CCPA’s definition extends to the sharing of personal information for non-monetary consideration (“other valuable consideration”).

The Nevada law also differs from CCPA by employing a narrower definition of personal information than under CCPA.

The Nevada law also includes a number of exemptions from its definition of covered “operators” who: (1) own or operate a website or online service for commercial purposes; (2) collect and maintain Nevada residents’ personally identifiable information; and (3) purposefully direct their activities toward Nevada.   The exemptions include financial institutions subject to the provisions of the Gramm-Leach-Bliley Act, health care providers (and related entities) subject to HIPAA, manufacturers and servicers of motor vehicles, and third-party service providers supporting the business of an “operator.” Penalties include injunctive relief or up to $5,000 per violation, enforceable by the State Attorney General’s Office.

©2020 Greenberg Traurig, LLP. All rights reserved. National Law Review, Volume IX, Number 156


About this Author

Gretchen A. Ramos, Lawyer, Greenberg Traurig, Data, Privacy & Cybersecurity,The Cloud,Artificial Intelligence, Big Data

Gretchen A. Ramos is Co-Chair of the Data, Privacy & Cybersecurity Practice and focuses her practice on privacy, cybersecurity, and information management. A creative problem-solver with a long track record of success in commercial disputes, she never loses sight of the simple fact that she works in a service industry. Clients appreciate not only her legal skills, but also her direct, no-nonsense approach to client service, including her bullet-pointed emails, snapshot executive summaries, and creativity in finding ways to streamline communications for in-house counsel with dozens of...

Ed Chansky, Greenberg Traurig Law Firm, Las Vegas, Intellectual Property Law Attorney

Ed Chansky focuses his practice in the areas of intellectual property (particularly development, selection, protection and licensing of trademarks worldwide) and advertising, sales promotion, and trade-regulation law, including charitable promotions, cause-related marketing, sweepstakes, contests, gift cards, eCommerce, substantiation of advertising claims, social gaming, social media, and all aspects of unfair or deceptive trade practices in a wide variety of industries.

A trusted advisor to many national companies, Ed is a frequent speaker at seminars and conferences on advertising and promotion law topics, including sweepstakes, premium production, coupon and rebate offers, charitable promotions, social gaming, and social media, and has helped shape state legislation affecting sales promotion matters. He also works with clients on a wide range of contract and licensing matters, including agency-client agreements in the advertising and sales promotion industries, software and website development, privacy policies and terms of use, and other matters affecting intellectual property, marketing and electronic commerce. For many years, he worked as a part-time musician (trombone) playing everything from grand opera to rhythm and blues.


Cathy Shyong’s practice focuses on privacy, cybersecurity, and information management. She represents technology clients in a wide range of fields, including health care and life sciences, consumer products, SaaS, fintech, non-profit, and academic research. Cathy works closely with clients to advise them on privacy policies, internal privacy procedures, regulatory compliance, commercial agreements, advertising, and product development. Her advice is informed by her broad experience litigating technology disputes.


  • EU GDPR compliance

  • ...