WeVote

Bill

Bill

SF 143

A bill for an act relating to consumer data protection, and including retroactive applicability provisions.

2025-2026 Regular Session Introduced by Kevin Alons and 4 co-sponsors

Bill SF 143 empowers consumers with rights over their data, requiring clear notifications and consent for profiling, while ensuring public health data is handled responsibly.

Subcommittee recommends passage.
0
WeVote Research Nonpartisan
Bill Summary · SF 143

Summary of Bill SF 143: Consumer Data Protection

Bill Number: SF 143
Introduced On: January 28, 2025
Current Status: Subcommittee recommends passage
Classification: Bill
Subjects: Children, Consumer Affairs, Health, Insurance, Medical Care, Medical Records, Nonprofit Entities, Privacy

Purpose and Intent

Bill SF 143 aims to enhance consumer data protection by establishing clear rights for consumers regarding their personal data. The bill focuses on the handling of consumer data, particularly in the context of public health and profiling, ensuring that consumers have more control over their information and how it is used.

Key Provisions

  1. Exemptions for Public Health Authorities:

    • Information maintained by public health authorities, as defined by HIPAA (Health Insurance Portability and Accountability Act), is exempt from certain provisions of the bill if the authority has obtained consumer authorization.
    • Data used solely for public health activities must be de-identified, aggregated, and processed in batches of at least 100 consumers to qualify for exemption.
  2. Consumer Rights:

    • Consumers have the right to request notifications regarding profiling that may lead to significant legal effects.
    • The bill defines "profiling" as automated processing of personal data to evaluate or predict factors related to an individual's economic status, health, preferences, behavior, and location.
  3. Notification Requirements:

    • Notifications to consumers must be in plain language and include:
      • Types of data subject to profiling.
      • Requirements for data recipients to delete or return the data.
      • Procedures for consumers to file complaints.
  4. Retroactive Applicability:

    • The provisions of the bill will apply retroactively to January 1, 2025, meaning that any data handling practices prior to this date will also be subject to the new regulations.

Impact

  • Consumers: The bill empowers consumers by granting them rights to be informed about and opt-out of profiling, thereby enhancing their control over personal data.
  • Public Health Authorities: These entities will need to ensure compliance with both HIPAA and the new provisions of the bill, particularly regarding consumer authorization and data handling practices.
  • Businesses and Organizations: Companies that handle consumer data will need to adjust their practices to comply with the new notification and data management requirements.

Legislative Timeline

  • January 28, 2025: Bill introduced and referred to the Technology Committee.
  • January 29, 2025: Subcommittee meeting held to discuss the bill.
  • January 30, 2025: Subcommittee recommends passage of the bill.

This summary provides an overview of Bill SF 143, highlighting its purpose, key provisions, and potential impacts on consumers and organizations handling personal data.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.