Your IP address might seem like just a string of numbers, but under a growing number of US state privacy laws, it's classified as personal information. That means companies collecting your IP address may be legally required to tell you about it, let you opt out, and even delete it on request.
As of 2025, over a dozen US states have enacted comprehensive data privacy laws, and most of them treat IP addresses as protected personal data. Here's what you need to know about your rights — and what your IP actually reveals.
Is Your IP Address "Personal Information"?
Under most US state privacy laws, yes. An IP address is considered personal information because it can be used — alone or in combination with other data — to identify a specific individual or household.
When you visit CheckWhatIsMyIP.com, you can see exactly what your IP reveals: your approximate city, state, ISP, and whether you're using a VPN. Websites and advertisers use this data to build profiles about you.
State-by-State Privacy Law Breakdown
California — CCPA / CPRA
The California Consumer Privacy Act (CCPA), as amended by CPRA, is the strongest state privacy law in the US. Under CCPA:
- IP addresses are explicitly defined as personal information
- You have the right to know what data is collected about you, including IP-derived location data
- You can request deletion of your IP data
- You can opt out of the sale or sharing of your IP address
- Businesses must disclose IP collection in their privacy policies
Who it applies to: Businesses that earn $25M+ annually, collect data on 100,000+ consumers, or earn 50%+ of revenue from selling personal data.
Virginia — VCDPA
Virginia's Consumer Data Protection Act treats IP addresses as personal data and gives you similar rights:
- Right to access and delete your data
- Right to opt out of targeted advertising based on IP geolocation
- Right to opt out of the sale of personal data
Colorado — CPA
Colorado's Privacy Act includes IP addresses under "personal data" and notably requires businesses to conduct data protection assessments for any processing that involves profiling consumers — which includes IP-based geolocation tracking.
Connecticut — CTDPA
Connecticut's privacy law mirrors Virginia's approach: IP addresses are personal data, and consumers have access, deletion, and opt-out rights.
Other States with Privacy Laws
As of 2025, these states also have comprehensive privacy laws that cover IP addresses: Utah, Iowa, Indiana, Tennessee, Montana, Texas, Oregon, Delaware, New Hampshire, New Jersey, Nebraska, Maryland, and Minnesota. More states are introducing legislation each year.
What Your IP Address Reveals — and Why It Matters
Visit our IP checker tool to see what websites can learn from your IP alone:
- Approximate location: City, state, and zip code — enough for geo-targeted advertising
- ISP name: Reveals whether you're on a home, business, or mobile connection
- Connection type: Residential vs. datacenter — used for fraud detection
- VPN/proxy use: Companies detect and sometimes block VPN users
When combined with cookies, browser fingerprints, and browsing history, your IP address becomes a key piece of a comprehensive tracking profile that advertisers use to follow you across the web.
Your Rights Under These Laws
If you're a resident of a state with a privacy law, you generally have these rights regarding your IP data:
- Right to Know: You can ask companies what IP-derived data they've collected about you
- Right to Delete: You can request companies delete your IP address data from their records
- Right to Opt Out: You can opt out of the sale of your IP data and targeted advertising
- Right to Correct: You can request corrections if your IP geolocation data is inaccurate
- Non-Discrimination: Companies cannot penalize you for exercising these rights
How to Protect Your IP Privacy
1. Use a VPN
The most effective way to protect your IP from tracking is using a VPN like NordVPN. A VPN replaces your real IP with the VPN server's IP, preventing websites from seeing your actual location and ISP.
2. Exercise Your Legal Rights
Look for "Do Not Sell My Personal Information" links on websites. Under CCPA, California businesses are required to provide this option. Submit data deletion requests to companies that have collected your browsing data.
3. Use Privacy-Focused Tools
Our free tools can help you understand your exposure: Check what your IP reveals, run our VPN Leak Test to verify your VPN is working, and use our Browser Fingerprint test to see your full digital footprint.
4. Review Privacy Policies
When visiting new websites, check their privacy policy for mentions of IP address collection, geolocation tracking, and third-party data sharing. Under state laws, businesses must disclose this information.
The Future of IP Privacy in the US
While there's no comprehensive federal privacy law yet, the patchwork of state laws is growing rapidly. Congress has proposed the American Data Privacy and Protection Act (ADPPA) multiple times, and many experts expect a federal law within the next few years.
In the meantime, understanding your state's privacy protections — and taking proactive steps to protect your IP address — is the best approach to maintaining your online privacy.