STATE SENATOR
James Maroney
DEPUTY MAJORITY LEADER
AN INDEPENDENT VOICE
- Representing
- Milford,
- Orange,
- West Haven,
- Woodbridge
Today, State Senator James Maroney (D-Milford), Senate Chair of the General Law Committee, lead State Senate passage of a Senate Democratic Caucus priority bill concerning data privacy. This bill focuses on protecting consumers health data online.
Senate Bill 3, ‘An Act Concerning Online Privacy, Data And Safety Protections,’ passed the State Senate with a unanimous vote and now heads to the House of Representatives.
“Over 95% of children have access to social media sites including YouTube and today we took a small step in making sure children are safe online,” said Sen. Maroney. “Creating these boundaries with privacy legislation reduces the risk of minors being taken advantage of online. In addition, people who seek reproductive medical care and those who face tough decisions should be able to do so on their own. They should not have targeted ads on their mobile phones just because they are in a specific location.”
Senate Bill 3 will help maintain a person’s privacy when seeking care at a medical office or abortion clinic and will protect a person’s privacy when using online apps. This bill will create privacy rights for consumer health data that are not provided under HIPPA or other laws.
Menstrual apps, smart watches, online stores, search engines, and other services using technology collect personal information that is used to make determinations about people’s health conditions that is then sold for marketing or other purposes. The bill prohibits businesses from collecting, sharing, or selling consumer health data without the person’s consent and ensures the consent is well informed and not buried in standard terms and conditions.
SB3 will also prohibit geofencing mental health facility, a reproductive health care facility, or a sexual health facility such as an abortion clinic. Geofencing is the practice of constructing consumer health data based upon the location of a person’s phone.
In the United States, if you tell a psychologist that you are depressed or suffer from a mental illness, your health privacy is protected under existing law. But if you download an app to manage your depression, your personal and health information can be bought, shared, and used for marketing or any other purpose. It is not only mental health apps that share our personal information, but also menstrual apps that assist with pregnancy, smart watches that count steps, and even purchases made online. Personal data is sold unrestricted, to anyone, in unregulated markets. Using geofencing, our information can be connected to locations we visit at specific times. Ad agencies have targeted people who have not only visited abortion clinics but have also run anti-choice advertisements on the phones of people in the waiting rooms.
If a service is offered to minors online, a data protection assessment must be given. The assessment addresses the purpose of the service being offered, categories of the personal data that is being collected, and purposes for which the controller processes the data collected.
According to a February report by the CDC, 57% of high school girls in 2021 reported feeling “persistently sad or hopeless” over the previous year, up from 36% in 2011. Thirty percent of high school girls seriously considered attempting suicide in 2021, up from 19% in 2011. Teen boys have also experienced an increase in feeling persistently sad or hopeless, increasing from 21% in 2011 to 29% in 2021.
One explanation for the rapid deterioration of our children’s wellbeing is social media. Facebook, Instagram, and TikTok have become standard for our youth. Social media can foster friends hips and expand connections, but it also has been determined to be the cause of loneliness. Tech companies push out content that is not age appropriate to tweens, and yet 38 percent of those 8 to 12 years old report using social media daily, an increase from 31 percent in 2019. Tech companies use personal data of minors to target them with advertisements, to lure them into scrolling longer, and bait them to watch just one more video.
SB3 will expand on previous data privacy legislation passed last year – “An Act Concerning Personal Data Privacy and Online Monitoring.” Under this bill, it will protect the privacy of minors and prohibit the use of their personal data from being used in ways that causes them harm. It follows the UK’s Age-Appropriate Design Code, after which Google made SafeSearch the default for minors, YouTube turned off autoplay and set bedtime reminders for minors, and TikTok disabled messaging between minors and unknown adults. While tech companies are adopting these and other protections for minors, not all are applied in the US.
Websites and apps that process personal data will need to take reasonable care to avoid certain “heightened risks” to minors, which includes unfair or deceptive treatment, financial, physical or reputational injury, or invasion of privacy. These apps must refrain from selling personal data of minors or using it for targeted advertising and may not use personal data to lure minors or extend their screen time, and geolocation data collected on a minor must only be used for providing the specific service sought out by the minor.
Senate Bill 3 now requires that parents can delete social media accounts if a child is under 16.
Under this section of the bill, dating apps must offer an online safety center which will provide resources concerning safe dating the safety center will provide: explanation of mechanism for reporting harmful or unwanted behavior; safety advice to use when communicating online and meeting in person; a link to resources concerning domestic violence and sexual harassment; educational information concerning romance scams.