What is Maine’s LD946? New Privacy Regulations

What is Maine’s LD946? New Privacy Regulations

Maine’s LD946, a recently passed internet privacy law, seeks to give residents of Maine more control over the personal information they share online. Under LD946, internet service providers are prohibited from selling, sharing, or granting third party access to the personal data of their customers, unless given permission and approval by those customers. What’s more, LD946 also prohibits internet service providers from refusing to serve a customer based upon their refusal to consent to a website’s or online internet service’s data usage terms.

As opposed to Nevada’s SB-220 and the California Privacy Rights and Enforcement act of 2020, which allows consumers in these states to opt-out of having their personal information shared online, LD946 instead prohibits internet service providers from sharing the personal information of their customers unless they first opt-in. The law only regulates 80 broadband internet service providers within the state of Maine, and only applies to service providers serving customers who are both physically located and billed for services within the state.

What is considered personal information under LD946?

LD946 defines personal information broadly to include:

How do Maine internet service providers comply with LD946?

LD946 contains 3 primary compliance requirements. These requirements include:

In order to be in compliance with these 3 requirements, a business must adhere to the following steps:

Alternatively, there are also a variety of exceptions and exemptions to these 3 requirements. These exceptions and exemptions include:

The goal of Maine’s LD-946 is to provide some level of protection against the illegal online dissemination of the personal information of Maine consumers. As of this writing, LD-946 does not outline specific fines or penalties in regards to the violation of the bill, or what governing body would enact such punishments. This in combination with the limited scope of internet service providers who must adhere to the bill has led to some public criticism of LD-946. To give an example of this, major social media platforms such as Twitter and Facebook are not included in the 80 broadband internet service providers who must follow LD-946, as these websites obviously conduct operations well outside of the state of Maine. Nevertheless, residents who reside within the state of Maine are one step closer to having their personal information protected when using websites and internet services.

Related Reads