Can I collect cookie information from participants in Georgia? What are the requirements?

Collection of Cookie Information from Participants in Georgia

Under Georgia law, there are no specific requirements regarding the collection of cookie information from participants. However, businesses that collect personal information from Georgia residents are required to provide notice in the event of a data breach that results in access or likely access to unencrypted personal information ^[4.1]. Additionally, state agencies, boards, authorities, and commissions of the executive branch of state government are required to provide a written business case for every information technology project that exceeds $1 million in value, which includes an assessment of business process improvement, the need for process improvement, and corresponding change management ^[1.2].

It is important to note that businesses should also comply with applicable federal laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), if they collect personal information from individuals located in those jurisdictions.

In summary, while there are no specific requirements regarding the collection of cookie information from participants in Georgia, businesses should ensure compliance with applicable state and federal laws regarding the collection and protection of personal information.

^[1.2]: GACO 50-29-3 ^[4.1]: GARR Rule 80-14-1-.05

Source(s):

• [1.2] Submission of business cases for information technology programs; requirements.
• [4.1] Notice of Unauthorized Access to Personal Information

Jurisdiction

Georgia, Georgia

• Privacy