Select Page

Massachusetts Senator Cynthia Stone Creem has introduced draft bill SD 341which would bring Massachusetts in closer to alignment with California’s CCPA and is yet another example of a State moving forward with consumer data privacy. There has certainly been a trend for individual States to begin drafting their own consumer data privacy and protection laws with a fair amount of overlap in each. Below are some of the similarities between the draft of SD 341 and California CCPA.

SD 341 is similar to CCPA in the following areas:

  • Right to request deletion of collected personal information
  • Right to request a copy of collected personal information
  • Right of notice at or before the point of collection of personal information that is collected and disclosure of purposes
  • Right to opt-out of personal information transfer
  • Ability to obtain reports of personal information up to twice per year
  • Inability of covered businesses to deny goods or services or charge different prices or rates to consumers exercising their opt-out right

AG Enforcement (Draft Bill SD 341 Section 10 (a)

Whenever the attorney general has reason to believe that any business, service provider, or other person is in violation of this chapter, and that proceedings would be in the public interest, the attorney general may bring an action in the name of the commonwealth against such person to restrain such violation by temporary restraining order or preliminary or permanent injunction. In addition, the attorney general, in an action in the name of the commonwealth, may seek a civil penalty of not more than $2,500 for each violation or $7,500 for each intentional violation

Similar to the Biometric Information Privacy Act (BIPA) of Illinois, consumers in Massachusetts may not be required to demonstrate or suffered monetary or property losses to seek damages for an alleged violation.

If enacted, SD 341 would take effect in January 2023.

Heureka Recommendations

As more States begin drafting bills and policies surrounding consumer data privacy, Heureka recommends that companies draft privacy policies that obviously cover current laws with an eye toward aligning with the direction of State laws such as California or Colorado and drafts such as Massachusetts. There are many opinions on where the laws will end up between states  and the federal level, however one thing is for certain, now is not the time to wait it out before taking action. Heureka provides a flexible platform which is helping companies around the globe search, locate, report and remediate on unstructured data. There are three specific areas where Heureka provides value according to existing and drafted state law:

  1. Heureka helps identify consumer data in unstructured data, regardless of where it is stored
  2. Heureka provides reports on location and type of stored or collected data
  3. Heureka provides a single tool to remediate files (request to delete) on desktops, laptops or file shares.



Let us show you how easy it is to manage your data privacy