The New Jersey Data Privacy Act (NJDPA) is now in effect, placing New Jersey on the growing list of states with their own data privacy regulations. The NJDPA has a few characteristics that set it apart from similar regulations. For example, NJDPA has a more stringent policy regarding the processing and definition of financial data, specific protections for children up to age 17, and it also requires that a user give consent to a company before that company can process “sensitive data” sensitive data is defined in the regulation. Although somewhat similar to its contemporaries, this new regulation adds another layer of complexity to the U.S. data privacy landscape. This is just one more reason for federal lawmakers to establish a federal data privacy regulation.