The Record: State privacy laws have been crippled by big tech, new report says 

February 1, 2024

The tech industry has shaped a series of weak privacy laws nationwide, according to a new report, with half of the 14 states to have passed such laws receiving failing grades and none receiving an “A” on the report’s scorecard. 

The Electronic Privacy Information Center and U.S. PIRG Education Fund assessed the 14 bills across several metrics, including whether they have provisions for strong enforcement; how much transparency they offer into data risk assessments; whether they include strong individual data rights such as opt-out signals; if they bar manipulative design; and whether they strongly define what constitutes personal data and covered entities. 

The report argues that the lack of a federal privacy law to govern a multibillion-dollar industry’s data practices has opened the door to states enacting lax privacy laws nearly across the board. 

“Weak, industry-friendly laws allow companies to continue collecting data about consumers without meaningful limits,” the report states. “Consumers are granted rights that are difficult to exercise, and they cannot hold companies that violate their rights accountable in court.” 

Read more here.

Support Our Work

EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.