Cookie consent in United States
Consent and privacy law in United States
No federal privacy law, a growing patchwork of state laws led by California's CCPA
en
Who must comply
For-profit businesses that meet revenue or data-volume thresholds and handle California residents' data.
Penalties
Varies by state, for example up to 7,500 US dollars per intentional CCPA violation
Key obligations
- Honor Do Not Sell or Share requests
- Recognize Global Privacy Control signals
- Provide a clear opt-out mechanism
- Handle consumer rights requests
- Limit use of sensitive personal information
Local guidance
- Treat the US as a state-by-state patchwork rather than one regime
- Offer a Do Not Sell or Share My Personal Information link
- Honour Global Privacy Control browser signals
- Apply stricter handling for sensitive data and minors
How ConsentX helps
- Native Global Privacy Control support
- Do Not Sell or Share controls
- Opt-out preference signals
- 45-day DSAR SLA workflow
We value your privacy
We ask for your consent before any non-essential cookie, with the rules that apply in your region.
This page is a plain-English summary for general information and is not legal advice. Confirm your obligations with qualified local counsel.
How to comply with United States using ConsentX
- 1
Scan your website
Run a free scan to find every cookie and tracker on your site, so you know exactly what needs consent under United States.
- 2
Show a geo-aware consent banner
Add the ConsentX banner. It detects each visitor region and shows the consent experience that United States requires, automatically.
- 3
Block trackers until consent
Keep non-essential cookies and trackers blocked until the visitor agrees, so nothing fires before consent.
- 4
Record tamper-evident proof
Every choice is stored as a tamper-evident consent receipt you can produce in a United States audit.
- 5
Handle data requests on time
Use the built-in DSAR workflow with SLA timers to answer access, deletion and opt-out requests within the legal deadline.
Frequently asked questions
Is there a federal privacy law in the United States?+
No. The United States has no comprehensive federal privacy law. It has a growing patchwork of state laws led by California's CCPA, plus FTC enforcement against unfair or deceptive practices.
Do US privacy laws require opt-in or opt-out?+
Most US state laws follow an opt-out model. Businesses must offer a way to opt out of the sale or sharing of personal information and honour Global Privacy Control signals, while sensitive data and minors may require stricter handling.
Are cookie banners required in the United States?+
There is no general cookie consent requirement, but using trackers can trigger sale or sharing rules under state laws, which require a clear opt-out mechanism such as a Do Not Sell or Share link.