State privacy overview

District of Columbia Data Privacy: A Plain-Language Overview

Informational summary · No comprehensive consumer privacy law (as of 2026)
General information — not legal advice. This overview is provided for general educational purposes only and may not reflect the most recent changes in the law. It is not legal advice and does not create any attorney–client relationship. Verify current requirements with the state's official resources and consult qualified counsel before acting.

No comprehensive consumer privacy law (as of 2026)

Status: No standalone comprehensive privacy statute is in effect.

As of 2026, the District of Columbia has not enacted a comprehensive consumer data privacy law similar to the CDPA of Virginia. Instead, data privacy is primarily governed by the District of Columbia’s general consumer protection statutes, which prohibit unfair or deceptive trade practices, and by federal regulations.

Consumer rights

No comprehensive statutory consumer privacy rights specific to this state as of 2026; general consumer-protection rules may still apply.

Who it generally applies to

There are no specific privacy thresholds because there is no comprehensive privacy law. However, general consumer protection laws apply broadly to all businesses operating in the District.

What this means for B2B outreach

Without a comprehensive statute, business-to-business data is generally treated like other commercial data under standard consumer protection and commercial email laws.

Authoritative source: District of Columbia Office of the Attorney General. Always confirm current requirements there.

Marketing that respects privacy by design

We run permission-based, compliance-minded campaigns with real opt-out handling.

Talk to us

← All state privacy overviews