Arkansas
💡 Last Updated October 2025. Written with contributions from both human authors and LLMs. If you find incorrect or outdated information let us know at support@optery.com.
Data brokers are selling your personal information. Optery finds it and removes it for you.
Privacy law in Arkansas
Arkansas has passed Senate Bill 258, the Arkansas Digital Responsibility, Safety, and Trust Act (ADRSTA), but the law does not take effect until July 1, 2026. As of April 2026, the law has been enacted but is not yet in force. Once effective, it will give Arkansas residents meaningful privacy rights over their personal data. In the meantime, limited federal protections apply, and you can still take steps to remove your data from brokers using services like Optery.
About Arkansas’s narrow privacy law
Arkansas Senate Bill 258 — the Arkansas Digital Responsibility, Safety, and Trust Act — was passed and signed into law, but its effective date is July 1, 2026. The law covers businesses (other than small businesses as defined by the SBA) that conduct business in Arkansas or produce products/services consumed by Arkansas residents and that process or sell personal data. Nonprofit organizations are only covered if their annual receipts exceeded $15,000,000 in any of the preceding five years. Numerous entities are exempt, including state agencies, financial institutions subject to Gramm-Leach-Bliley, HIPAA-covered entities and business associates, institutions of higher education, electric utilities, and others.
For consumers trying to remove their personal information from data brokers, this narrow law generally does not apply — typical data brokers fall outside its scope. Federal protections and Optery’s automated removals still work for you regardless.
What protections do exist in Arkansas
Arkansas Personal Information Protection Act
Arkansas requires businesses and government agencies that own or license computerized data containing personal information to notify Arkansas residents when their unencrypted personal information may have been acquired by an unauthorized person as a result of a security breach. (Ark. Code Ann. § 4-110-101 et seq.)
Arkansas Social Security Number Protection Law
Arkansas law restricts businesses from publicly posting, displaying, or requiring transmission of Social Security numbers in certain contexts, and prohibits printing SSNs on cards or documents sent by mail. (Ark. Code Ann. § 4-86-107)
Arkansas Children and Coercion Online Protection Act
Arkansas enacted the Social Media Safety Act (Act 689 of 2023), which requires social media companies to verify the ages of Arkansas users and obtain parental consent before allowing minors under 18 to create accounts. (Note: subject to ongoing litigation.) (Ark. Code Ann. § 4-88-1301 et seq.)
Federal protections that apply to Arkansas residents
Even without a state comprehensive privacy law currently in effect, federal laws provide some protections. The FTC can take action against businesses that engage in unfair or deceptive data practices under Section 5 of the FTC Act. HIPAA protects your medical information. COPPA protects children under 13 online. The Gramm-Leach-Bliley Act protects financial data held by financial institutions.
What’s happening in the Arkansas legislature
Several privacy bills have been introduced in Arkansas. None has passed into law yet, but they signal where consumer privacy legislation in the state may be heading.
SB 258 — Arkansas Digital Responsibility, Safety, and Trust Act
SB 258 creates the Arkansas Digital Responsibility, Safety, and Trust Act (ADRSTA), a comprehensive consumer privacy law that gives Arkansas residents rights to access, correct, delete, and port their personal data, and to opt out of targeted advertising, data sales, and certain automated profiling. The law covers non-small-business entities that process personal data of Arkansas residents, with enforcement by the Attorney General. The law takes effect July 1, 2026. Status: engrossed.
How Optery helps Arkansas residents
Data brokers collect and sell personal information about almost every American adult — home addresses, phone numbers, family relationships, employment history. They do this regardless of whether your state has a comprehensive privacy law. Optery scans over 200 data brokers to find where your information is exposed, then submits removal requests on your behalf and tracks compliance. Our service works for every US resident, not just those in states with strong privacy statutes.