A new privacy law signed last month is a reminder that data protection and privacy are not just issues for companies who must comply with the EU’s General Data Protection Regulation (GDPR). In the United States, regulators at the state level are turning their attention to companies who collect and use personal information – and they are putting in place their own rules about how it should be protected and managed responsibly. A newly signed Oregon law is an example of how states are moving towards interpreting unfair competition laws to cover statements make in a privacy policy. This trend has been seen in many states. California, Connecticut,…