The Massachusetts Legislature Hits the Pause Button on Comprehensive Consumer Data Privacy
Friday, February 7, 2020
Massachusetts state seal pin
Print Mail Download i

Massachusetts consumers and businesses now know that the Commonwealth will likely not be the next jurisdiction to adopt sweeping consumer data privacy legislation. Earlier this week, the Joint Committee on Consumer Protection and Professional Licensure took action to table a comprehensive consumer data privacy bill until a future legislative session.

Massachusetts Consumer Data Privacy Introduced and Debated in 2019

Last year, Massachusetts state senators introduced a consumer data privacy bill with a broad private right of action. The proposed law, An Act Relative to Consumer Data Privacy (S.120), would have permitted any consumer to bring a lawsuit against any violating business or service provider, regardless of actual losses. S.120 was referred to the Joint Committee on Consumer Protection and Professional Licensure, which held a hearing in October 2019. During that hearing, speakers from a variety of industries urged caution, asking lawmakers to slow down and consider the bill’s potential pitfalls and unintended consequences. Among these concerns was the possibility that S.120 would bring a wave of new class action litigation. Speakers asked legislators to exercise restraint and give the bill due consideration in light of the immense risks of hastily-crafted language. While some commenters proposed amendments, none spoke in favor of passing the bill as currently drafted, and others strenuously argued that the bill should not pass.

The Joint Committee Tables Consumer Data Privacy

Following public hearing, the Joint Committee was faced with the responsibility of reporting out S.120 to the full legislative body with a Favorable (Ought to Pass) or Unfavorable (Ought Not to Pass) Report. However, on February 5, 2020, the Joint Committee took a third path, issuing a Study Order on S.120.

A study order authorizes the Joint Committee to sit during recess and study S.120 and, if appropriate, file a report of findings. However, for the vast majority of bills sent to a study order, no further committee activity takes place. For this reason, many observers view a study order as a procedural mechanism to table a bill until a future legislative session.

The Future of Consumer Data Privacy in Massachusetts

The future of comprehensive consumer data privacy in Massachusetts is now more uncertain. One thing is clear: a new data privacy law will almost certainly not be coming to Massachusetts in the current legislative term. However, a comprehensive consumer data privacy law may be introduced and passed in the next legislative term, and before the U.S. Congress passes any federal legislation on the issue. The current legislative term comes to an end at the close of this year, and sponsors may introduce new legislation at the start of the new term in January 2021.

Massachusetts state legislators can be expected to monitor the progress and implementation of other consumer privacy legislation across the country and try to incorporate those lessons into any future version of S.120 that may be introduced in the 2021-2022 term. One of the main criticisms of S.120 was that it was modeled on an early version of the California Consumer Privacy Act (CCPA) and did not reflect amendments and regulations that were ultimately adopted in California to remedy the ambiguities and overbreadth of that early draft language. A new version of S.120 introduced in a future legislative term would be expected to reflect revisions implemented in California and public comments on S.120, among other developments in consumer data privacy law between January 2019, when S.120 was first introduced, and January 2021.

Despite yesterday’s action by the Joint Committee on Consumer Protection and Professional Licensure to issue a Study Order on S.120, Massachusetts businesses should be careful not to assume that consumer data privacy laws do not yet apply to their operations. Consumer data privacy laws from jurisdictions other than Massachusetts, like CCPA that became effective in January of this year, can extend to organizations deemed to be “doing business” within the applicable jurisdiction. Massachusetts businesses should regularly consult with legal counsel and privacy professionals to evaluate their legal obligations and compliance programs.

©2024 Pierce Atwood LLP. All rights reserved.

Current Legal Analysis

More from Pierce Atwood LLP

DOL Final Rule Significantly Increases Salary Threshold for Overtime Exemption
by: Peter A. Hale , Suzanne King
FTC Votes to Ban Non-Competition Agreements
by: James R. Erwin , Suzanne King
Weekly Bankruptcy Alert April 23, 2024 (For the week ending April 21, 2024)
by: Bankruptcy & Creditors' Rights
PFAS in Maine: Legislature Amends the PFAS in Products Law
by: Georgia M. Bolduc , Lisa A. Gilbreath
EPA Designates Two PFAS as Hazardous Substances
by: Michelle N. O'Brien , Lisa A. Gilbreath
Weekly Bankruptcy Alert April 15, 2024 (For the week ending April 14, 2024)
by: Bankruptcy & Creditors' Rights
EPA Finalizes Stringent Drinking Water Standards for Five PFAS Chemicals
by: Georgia M. Bolduc , Lisa A. Gilbreath
Massachusetts Commission Recommends Expediting Siting Processes for Clean Energy Projects
by: James M. Avery , Andrew O. Kaplan
Weekly Bankruptcy Alert April 8, 2024 (For the week ending April 7, 2024)
by: Bankruptcy & Creditors' Rights
Weekly Bankruptcy Alert April 2, 2024 (For the week ending March 31, 2024)
by: Bankruptcy & Creditors' Rights

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins