Law: Please note this State does not have a general privacy law in effect, you can visit USA State Law Tracker to monitor the progress of US State bills.

Regulator: The South Dakota Attorney General ('AG')

Summary: South Dakota does not have a general privacy law in effect but does recognize the common law tort of invasion of privacy and has provisions criminalizing this offense. However, South Dakota lacks significant privacy laws affecting the private sector, with many of the privacy provisions in the State's law directed to the public sector. Examples of public-sector privacy laws include South Dakota's statute on the Interception of Wire, Electronic, or Oral Communications under D Codified Laws 23A-35A-20 (D Codified Laws 23A-35A-20), which makes the interception of private communications without consent a Class 5 felony, and South Dakota's Student Privacy Law, SDCL § 13-3-51 (SDCL § 13-3-51), which only applies to the Department of Education (Department of Education).

Moreover, South Dakota was the second last State to enact its data breach notification law, §22-40-1 et seq. of Chapter 40 of Title 22 of the South Dakota Codified Laws (§22-40-1 et seq. of Chapter 40 of Title 22) which gives information holders a 60-day window from the date of discovery or notification of the breach to notify individuals of a security breach, unless law enforcement determines that the notification should be delayed.

You can follow legislative developments in the US through the USA State Law Tracker.