District of Columbia Data Privacy: A Plain-Language Overview
No comprehensive consumer privacy law (as of 2026)
Status: No standalone comprehensive privacy statute is in effect.
As of 2026, the District of Columbia has not enacted a comprehensive consumer data privacy law similar to the CDPA of Virginia. Instead, data privacy is primarily governed by the District of Columbia’s general consumer protection statutes, which prohibit unfair or deceptive trade practices, and by federal regulations.
Consumer rights
No comprehensive statutory consumer privacy rights specific to this state as of 2026; general consumer-protection rules may still apply.
Who it generally applies to
There are no specific privacy thresholds because there is no comprehensive privacy law. However, general consumer protection laws apply broadly to all businesses operating in the District.
What this means for B2B outreach
Without a comprehensive statute, business-to-business data is generally treated like other commercial data under standard consumer protection and commercial email laws.
Authoritative source: District of Columbia Office of the Attorney General. Always confirm current requirements there.
Marketing that respects privacy by design
We run permission-based, compliance-minded campaigns with real opt-out handling.
Talk to us