Although slightly different, state privacy laws share key principles, making it easier for privacy professionals to develop a framework for building a program designed to adapt to the changing privacy landscape. New comprehensive state privacy laws are creating compliance obligations for entities that have traditionally fallen outside the purview of privacy regulation. Such laws include the CCPA and CPRA, the CPA, the CTDPA, the YCPA, and the VCDPA. Businesses should consider the goals of privacy programs to determine the first step toward compliance.