Mississippi State Senate Introduces Consumer Data Privacy Act

Written By Haley Metteauer

On January 17, 2022, Senator Angela Turner-Ford (D) introduced Senate Bill 2330, referred to as the Mississippi Consumer Data Privacy Act to the Mississippi State Senate. The bill has been referred to the Senate Judiciary, Division A Committee.  If passed, the bill will provide consumers with certain protections and rights regarding the use and disclosure of their personal information by businesses. 

The bill would:

  • Authorize consumers to:

    • Request that businesses collecting consumers' personal information provide consumers with:

      • the categories and specific pieces of personal information collected by the business;

      • the business or commercial purpose for collecting or selling their personal information;

      • the third parties who received disclosure of or purchased their personal information.

    • Request that businesses delete any of the consumers’ personal information that the business collected.

    • Direct a business not to sell the consumers’ personal information to third parties.

      • Businesses who receive such directions will be required to respect the consumer’s request to opt-out for at least 12 months before requesting that the consumer authorize the sale of their personal information. 

  • Prohibit the knowing sale of personal information of a consumer who is less than 16 years of age, unless the consumer between 13 and 16 years of age expressly authorizes the sales.

  • Permit a business to ignore a consumer's request to delete their personal information from its records or to direct any service providers to do so if retaining the consumer’s personal information is necessary to

    • Complete the service or transaction originally sought by the consumer;

    • Process a necessary cyber security measure by the business;

    • Exercise their right, or protect another consumer’s right, to free speech;

    • Engage in research pursuant to the public interest; and

    • Enable solely internal uses pursuant to the business’s stated purpose.

  • Provide consumers whose nonencrypted or nonredacted personal information was distributed via theft or disclosure in violation of this bill with a right to:

    • Recover damages between $100 and $750 per consumer per incident, or actual damages, whichever is greater;

    • Injunctive or declaratory relief; or

    • Assert any other relief the court deems proper.

Haley Metteauer
Previous

Kentucky State Senate Introduces Consumer Data Privacy Act
Next

New Jersey State Senate Introduces Online Transparency