Illinois Data Privacy: A Plain-Language Overview
No comprehensive consumer privacy law (as of 2026)
Status: Illinois has not passed a comprehensive data privacy law. Enforcement relies on general consumer protection and sector-specific laws like BIPA (effective 2008).
As of 2026, Illinois regulates data privacy through targeted statutes and general consumer protection rules rather than a single comprehensive framework. Key sectoral laws include the Biometric Information Privacy Act (BIPA), which strictly governs the collection of biometric data, and the Personal Information Protection Act regarding data breach notifications.
Rights residents generally have
- right to notification in the event of a data breach
- right to consent and written release before biometric data is collected
Who it generally applies to
Generally applies to businesses handling the personal data of Illinois residents, with specific thresholds for breach notification (e.g., possessing more than 1,000 records) and strict requirements for any entity collecting biometric identifiers.
What this means for B2B outreach
General business contact info (e.g., business email, title) is typically not treated as regulated personal data under Illinois law, provided it does not include biometric identifiers or trigger breach notification thresholds.
Authoritative source: Illinois Attorney General. Always confirm current requirements there.
Marketing that respects privacy by design
We run permission-based, compliance-minded campaigns with real opt-out handling.
Talk to us