Keypoint: Last week, the Maryland legislature passed consumer data privacy and Age-Appropriate Design Code Act bills, the Kentucky Governor signed HB 15 into law, three bills advanced out of a California Assembly Committee, and there was movement with bills in Minnesota, Vermont, Louisiana, Illinois and Colorado.
Below is the eleventh weekly update on the status of proposed state privacy legislation in 2024.
Table of Contents
- What’s New
- Bill Tracker Charts
- Bill Tracker Maps
1. What’s New?
The big news this week is that the Maryland legislature passed the Maryland Online Data Privacy Act of 2024 (MODPA) (SB 541). A companion House bill (HB 567) also appears likely to pass before the legislature closes on April 8. As we have pointed out in prior posts, the Maryland bills utilize the Washington Privacy Act model but inject new concepts, including around data minimization, sensitive data, and minor’s data. You can find an overview and analysis of MODPA here.
The Maryland legislature also passed companion Age-Appropriate Design Code Act (AADC) bills (HB 603 / SB 571). Those bills are similar in vein to the California Age-Appropriate Design Code Act but have been heavily revised presumably take into account constitutional issues raised with respect to the California law.
In other news, Kentucky Governor Andy Beshear signed HB 15 into law on April 4, making Kentucky the fifteenth state to pass consumer data privacy legislation. You can read our analysis of the bill here.
In Minnesota, Representative Steve Elkins reports that HF 2309 will be incorporated into the Commerce Committee’s omnibus finance & policy bill in both chambers rather than being passed as a standalone bill.
In Vermont, Senate committee meetings were held on H.121 on April 3 and 4.
We also had one new bill introduced this week in Louisiana (HB 947). The bill is a Washington Privacy Act variant.
Finally, in California, AB 3048 (opt-out preference signals), AB 1824 (right to opt-out), and AB 1949 (minor’s data) passed out of the Assembly Committee on Privacy and Consumer Protection on April 2. The bills were referred to the Appropriations Committee. Meanwhile AB 3080 (kid’s safety), SB 1233 (neural data), and AB 3204 (data digesters) are set for April 16 committee hearings.
In health data privacy bill news, the Illinois Health Data Privacy Act (HB 4093) passed out of a House committee and was placed on the second reading calendar.
In other children’s privacy bill news, Colorado’s SB 41 is now set for an April 16 Senate committee hearing. The bill seeks to amend the Colorado Privacy Act to add additional protections for minor’s data. In Vermont, committee meetings were held on S.289 (an Age-Appropriate Design Code Act variant) on April 3, 4, and 5.
In data broker bill developments, Illinois HB 4447 was amended on April 2 and is now a data broker bill. It has been placed on the House second reading calendar.
2. Bill Tracker Charts
For more information on all of the bills introduced to date, including links to the bills, bill status, last action, hearing dates, and bill sponsor information, please see the following charts:
- Consumer Data Privacy Bills
- Biometric Privacy Bills
- Children’s Privacy Bills
- Consumer Health Data Privacy Bills
- Data Broker Bills
Husch privacy clients can access unredacted copies of the charts through Byte Back+.
3. Bill Tracker Maps
To access our tracker maps, click the following links: