+

Download APPI checklist

Consentmo is dedicated to protecting and respecting your privacy. We will only use your personal information to respond to inquiries, provide requested materials, or share updates and services that we believe may interest you.

You can manage your privacy preferences or opt-out at any time. For more details on how to unsubscribe, our privacy practices, and our commitment to safeguarding your privacy, please refer to the Consentmo Privacy Policy.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

What is FDBR?

Effective July 1st, 2024, The Florida Digital Bill of Rights (FDBR) is a data privacy law enacted to protect the privacy rights of Florida residents. It aligns with the broader trend of state-level privacy regulations in the United States, focusing on providing users more control over their personal data, as well as imposing obligations on businesses that collect, process, and share such data.

Where does the FDBR apply?

Specifically, it targets for-profit organizations that conduct business in Florida or produce products or services targeted to Florida residents. These businesses must either have a gross annual revenue exceeding a specified amount, process personal data of a set number of Florida residents annually, or derive a significant portion of their revenue from selling or sharing personal data:
- Global gross annual revenues exceeding $1 billion, and,
- Revenue from Online Advertising: Derive 50% or more of their global gross annual revenues from the sale of online advertisements
- Smart Speaker Operations: Operate a consumer smart speaker and voice command component service with an integrated virtual assistant
- App Store Platforms: Operate an app store or digital distribution platform that offers at least 250,000 different software applications
These specific thresholds are designed to target large technology companies, ensuring that the FDBR primarily applies to major players in the tech industry.

The law also applies to businesses that process sensitive data, such as biometric information, health data, or precise geolocation.

graphic of a white magnifying glass against a blue background

What are possible reasons for a penalty under FDBR?

Some common reasons for a penalty include:
- Failure to Respond to Consumer Rights Requests: Ignoring or not fulfilling requests from consumers to access, delete, or correct their personal data, or to opt out of data sharing or targeted advertising within the required timeframe.
- Improper Handling of Sensitive Data: Collecting or processing sensitive personal information (e.g., biometric data, health data, or geolocation) without proper consent or protection.
- Lack of Transparency: Failing to provide a clear privacy policy or misrepresenting data collection and usage practices.
- Non-Compliance with Children’s Data Protections: Violating stricter rules around data collection for individuals under 18.

Who is liable for FDBR penalties?

Businesses that meet the law’s applicability criteria, such as large for-profit entities collecting or processing Florida residents' data. Senior executives or designated officers may also bear responsibility if their decisions or negligence lead to non-compliance. Penalties are enforced by the Florida Attorney General, targeting organizations rather than individual employees, except in cases of willful misconduct.

graphic of a building in white against a blue background
white sheet of paper graphic against a blue background with shield in front of it

What are the penalties?

Penalties can include:
- Financial penalties, often calculated per violation or per affected consumer.
- Injunctions: The Attorney General can issue court-ordered injunctions to stop ongoing violations and mandate compliance with the law.
- Damages: Businesses may be required to compensate affected individuals
- Reputational damage.

Get the APPI checklist for Free

Improve the effectiveness of your compliance strategy now.

Download checklist
graphic of a white notepad page against a black background

Frequently Asked Questions

How do I obtain consent from individuals under the FDBR?

Obtaining consent under the Florida Digital Bill of Rights (FDBR) involves providing a clear consent process to users, particularly those under 18.
- Use clear language about data collection, use, and sharing.
- Active Opt-In: Use affirmative actions, such as a checkbox or a clear “I agree” button, to record consent.
- Parental consent for minors: For individuals under the age of 18, obtain verifiable parental or guardian consent before collecting or processing their data.
- Allow easy withdrawal for individuals at any time and communicate this right clearly.

Who is the regulatory authority enforcing the Florida Digital Bill of Rights (FDBR)?

The regulatory authority enforcing the Florida Digital Bill of Rights (FDBR) is the Florida Attorney General's Office. This office is responsible for investigating violations, ensuring compliance, and imposing penalties for non-compliance. Businesses found in breach of the FDBR may face fines, injunctions, or other corrective measures as determined by the Attorney General.

How to make my business compliant with the FDBR?

To make your business compliant with the Florida Digital Bill of Rights (FDBR), start by determining whether your operations fall under its scope, such as meeting revenue thresholds or processing the personal data of Florida residents. Develop a clear and accessible privacy policy that outlines the types of data collected, the purposes for collection, how it’s used, and with whom it’s shared.

Shopify merchants can simplify compliance by using Consentmo, which provides tools to manage cookie consent, display privacy notices, and automate data subject requests.

Subscribe to get our monthly newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get Started
FeaturesPricing
Regulations
GDPR (EU)CCPA (California)PIPEDA (Canada)LGPD (Brazil)APPI (Japan)PDPA (Thailand)POPIA (South Africa)APA (Australia)NZPA (New Zealand)
Resources
BlogeBooksKnowledge baseCookie ScannerAdaptive Mobile Experience
Comparison
Consentmo vs.
Shopify Consentmo vs. PandectesConsentmo vs.
Avada
Compliance
GoogleIAB TCFGlobal Privacy ControlShopify Customer Privacy
Company
About us
FAQs
Contact
Legal
Terms of ServicePrivacy PolicySupport Policy
UET consent mode microsoft logo
Shopify app storeShopify app store
Facebook social iconTwitter social iconLinkedIn social iconInstagram social iconYouTube social iconTikTok social icon
© 2025 Consentmo. All Rights Reserved.

The information on the Consentmo website, platform, or services, as well as any part thereof, does not constitute actual legal or regulatory advice, opinion, or recommendation. Consentmo is committed to providing tools to aid in compliance but is not a law firm. For legal advice, users should consult with a qualified attorney.
Subscribe to get our monthly newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Get Started
FeaturesPricingBlack Friday Offer⚡
Regulations
GDPR (EU)CCPA (California)LGPD (Brazil)PIPEDA (Canada)APPI (Japan)PDPA (Thailand)POPIA (South Africa)APA (Australia)NZPA (New Zealand)
Resources
BlogeBooksKnowledge baseCookie ScannerAdaptive Mobile Experience
Comparison
Consentmo vs. Shopify Consentmo vs. PandectesConsentmo vs. Avada
Company
About us
FAQs
Contact
Legal
Terms of ServicePrivacy PolicySupport Policy
Shopify app storeShopify app storeShopify partners
Shopify app storeShopify app store
Facebook social iconTwitter social iconLinkedIn social iconInstagram social iconYouTube social iconTikTok social icon
© 2025 Consentmo. All Rights Reserved.

The information on the Consentmo website, platform, or services, as well as any part thereof, does not constitute actual legal or regulatory advice, opinion, or recommendation. Consentmo is committed to providing tools to aid in compliance but is not a law firm. For legal advice, users should consult with a qualified attorney.