The Massachusetts State House is on the precipice of enacting meaningful data privacy protections into law. Earlier this month the House of Representatives unanimously passed the Massachusetts Consumer Data Privacy Act. The Senate had unanimously passed its version of this bill (S.2619) last September.
Now, a joint committee is hashing out the bill's final contents before it proceeds to a floor vote. It is a critical moment for this bill, and powerful Big Tech lobbyists are working hard behind the scenes to weaken its provisions.
Your state legislator needs to hear from you NOW to fight against these lobbying efforts.
If you are short on time, look up your legislators' contact info here (or here) and follow the script below. Read on if you want to learn about what's in this data privacy bill, what the heck a private right of action means, and why we must urgently pass this bill.
Sample Letter/Call Script
Thank you for voting for the data privacy bill when it came up for a vote in your chamber. I am writing/calling to ask that the final version of this bill include the House's private right of action for large data holders.
Please contact the members of the Data Privacy Conference Committee and State House leadership to advocate the inclusion of this private right of action in the final version of the bill.
Allowing individuals to seek redress directly is what makes consumer protection laws meaningful. That is why other state laws, like the Massachusetts consumer protection law (Chapter 93A), include a strong private right of action.
If the bill's enforcement is left entirely to the Attorney General's Office, Big Tech companies will view any fines or settlements they have to pay as mere slaps on the wrist and the cost of doing business. So long as these companies stand to make far more money from violating the privacy law, they have no incentive to follow it. Please do everything you can to protect my private data from being sold by large data holders. Thank you.
What Is In This Privacy Bill?
This bill will create strong limits on the collection and use of our personal and location data. Instead of our having to opt out to prevent the sale of this data, companies will have to seek our explicit consent before selling it.
Whether the law will include a private right of action (PRA) is still under debate. Only the House version of the bill had this key provision that would allow individuals to sue any companies that violate this law. Big Tech has sunk a lot of money into trying to weaken (or even remove) the PRA component of this bill. Here's why we must not let that happen.
Why a Private Right of Action Is Critical
Attorney General's Office Has Limited Resources
Big Tech companies like Meta have large legal armies at their disposal. In comparison, the Privacy & Responsible Technology Division of the Attorney General's Office consists of a handful of attorneys. This disparity will embolden Big Tech companies to ignore a law that can only be enforced by an AGO with limited resources.
Fines Are a Slap on the Wrist
If the bill's enforcement is left entirely to the Attorney General's Office, Big Tech companies will view any fines or settlements they have to pay as mere slaps on the wrist and the cost of doing business. So long as these companies stand to make far more money from violating the privacy law, they have no incentive to follow it.
That is why other state laws, like the Massachusetts consumer protection law (Chapter 93A), include a strong private right of action. Allowing individuals to seek redress directly is what makes consumer protection laws meaningful. Without this ability, consumers are left with protections that exist only on paper, which is exactly what Big Tech wants.
Why We Urgently Need Privacy Protections
Cell phone applications and web browsers record your physical location as well as everything you do online. Data brokers purchase this data from app and web browser companies. They aggregate and analyze this data to develop shockingly detailed profiles for online users that include their purchasing habits, personal interests, religion, political views, close contacts, and other sensitive information. These data brokers then sell these analytics to corporations, political campaigns and non-profit organizations for targeted advertisements and other marketing purposes.
That alone is disturbing, but these brokers also sell this personal data to the federal government. US intelligence and law enforcement agencies routinely use this data for both foreign and domestic surveillance.
The Trump Administration has been on a buying spree for our personal data, including bulk cell phone location data. In January, Immigration and Customs Enforcement (ICE) published a Request for Information seeking input from Big Data and Ad Tech providers to turbocharge this warrantless collection of data.
The War on Terror Is Coming For You
During his March appearance before the Senate Intelligence Committee, FBI Director Kash Patel confirmed that his agency has been purchasing location data on US citizens. This admission by Patel is particularly disturbing in light of executive orders and reports issued by the White House over the last year.
Last September, President Trump designated "antifa" a domestic terrorist organization and instructed federal agencies to "investigate, prosecute, and disrupt" organizations and people engaging in activities deemed "anti-American", "anti-capitalist" and hostile "towards those who hold traditional American views on family, religion and morality." Then in May the White House issued a CounterTerrorism Strategy report that listed as one of its priorities the “neutralization of violent secular political groups whose ideology is anti-American, radically pro-transgender, and anarchist.”
These executive orders and reports incentivize federal law enforcement to investigate individuals and groups that oppose Trump Administration policies, especially those advocating for immigrant and transgender rights. The Massachusetts State House cannot pass this privacy bill soon enough.
Additional Background









