Mass. Comprehensive Privacy Bill Cuts Private Right of Action
Massachusetts legislators removed a private right of action from a leading comprehensive privacy bill on Thursday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
The Senate Ways and Means Committee recommended a new draft (S-2608) of the previously numbered S-2516. The committee also released a summary memo. The proposed Massachusetts Data Privacy Act has seen more movement than alternative comprehensive privacy bills in the state this year (see 2505130041).
“The major change is that private right of action was eliminated from the bill,” a spokesperson for co-sponsor Sen. Michael Moore (D) emailed us Thursday. “Beyond that, the data broker registry, data broker accessible delete mechanism, and data broker credentialing sections were also dropped.” The spokesperson added that Senate floor debate on this bill is scheduled for Sept. 25.
The new bill says: “A violation of this chapter shall constitute an unfair or deceptive trade practice” and “the attorney general shall have exclusive authority to bring a civil action against a controller or processor that violates this chapter or a regulation adopted under this chapter.”