Maine Passes ISP Privacy Bill; More CCPA Tweaks Clear California Assembly

to reconsider the body’s first-round vote to advance the bill. It must still be signed by Gov. Janet Mills (D). "The residents of Maine are one step closer to being able to decide if and when to hand over their most sensitive personal information to their broadband providers,” emailed Georgetown Law Institute for Technology Law & Policy's Gigi Sohn. Members of both parties voted for the bill that revives the previous FCC's broadband privacy rules for Maine, she noted. “Governor Mills should sign it without delay.” The Maine legislature did what Congress "has thus far failed to do and voted to put consumer privacy before corporate profits,” said American Civil Liberties Union Maine Advocacy Director Oamshri Amarasingham in a statement. The bill shows "the crucial role states play in protecting consumer privacy, and the need for Congress to safeguard this role from industry efforts to preempt state privacy laws with federal privacy legislation," added ACLU Senior Legislative Counsel Neema Singh Guliani. The governor has 10 days not including Sunday to veto or sign the bill, or it will become law without her signature. Consolidated Communications said it protects customers’ private information. The ILEC's "privacy policy prohibits the sale of customer information without permission," said Vice President-Regulatory Michael Shultz in a statement. The FCC declined comment. Wednesday in California, the Assembly passed more privacy bills following up on last year’s California Consumer Privacy Act. Members voted 77-0 for AB-25 to edit CCPA’s definition of “consumer” to carve out personal data that businesses collect from job applicants, employers, contractors and agents; 46-19 to pass AB-1130 to add biometric and other data to the definition of “personal information” in California’s data-breach notification law; and 47-17 for AB-1416 to clarify CCPA doesn't restrict business' ability to comply with rules or regulations and, specifically, to collect, use, retain, sell, authenticate or disclose personal information for uses including legal claims, fraud prevention and security. The Assembly passed four other privacy bills Tuesday (see 1905290016). Meanwhile, federal privacy legislation that “preempts stronger state laws would only benefit” the tech industry “at the expense of the public,” nine consumer groups told Congress Thursday. They are Berkeley Media Studies Group, Campaign for a Commercial-Free Childhood, Center for Digital Democracy, Color of Change, Consumer Action, Consumer Federation of America, Fight for the Future, Public Citizen and U.S. Public Interest Research Group. Pre-emption puts at risk online privacy and security laws in throughout the U.S., they said.