Chapter 325M — Minnesota Consumer Data Privacy Act

325M.01 Definitions Defines key terms for the Internet privacy chapter, including consumer, Internet service provider, ordinary course of … 325M.02 When Disclosure of Personal Information Prohibited Prohibits Internet service providers from disclosing personally identifiable information without consumer consent, with … 325M.03 When Disclosure of Personal Information Required Requires ISPs to provide clear notice about data collection and disclosure practices to consumers. 325M.04 When Disclosure of Personal Information Permitted; Authorization Establishes consumer rights to access and correct personally identifiable information held by ISPs. 325M.05 Security of Information Provides remedies for consumers whose Internet privacy rights have been violated, including actual damages and attorney … 325M.06 Exclusion From Evidence Establishes exceptions allowing ISP disclosure of personal information for law enforcement and legal proceedings. 325M.07 Enforcement; Civil Liability; Defense Addresses interaction between the Internet privacy law and other state and federal privacy statutes. 325M.08 Other Law Provides that Internet privacy protections cannot be waived by contract. 325M.09 Application Grants the attorney general enforcement authority for Internet privacy violations. 325M.10 Citation Addresses data security requirements for ISPs holding consumer information. 325M.11 Definitions Establishes data retention limitations for ISPs. 325M.12 Scope; Exclusions Addresses ISP obligations regarding data breach notifications. 325M.13 Responsibility According to Role Provides protections for consumer data when an ISP ceases operations or transfers its business. 325M.14 Consumer Personal Data Rights Contains provisions for ISP compliance with government data requests. 325M.15 Processing Deidentified Data or Pseudonymous Data Addresses use of consumer data for marketing purposes by ISPs. 325M.16 Responsibilities of Controllers Establishes parental consent requirements before collecting data from minors. 325M.17 Requirements for Small Businesses Provides for periodic review and update of Internet privacy standards. 325M.18 Data Privacy Policies; Data Privacy and Protection Assessments Addresses cross-border data transfer issues for Minnesota consumer information. 325M.19 Limitations and Applicability Contains provisions regarding ISP transparency reports on data disclosures. 325M.20 Attorney General Enforcement Establishes safe harbor provisions for ISPs following approved privacy practices. 325M.21 Preemption of Local Law; Severability Addresses the relationship between Internet privacy and electronic surveillance laws. 325M.30 Citation Establishes the short title of sections 325M.30 to 325M.34 as the Prohibiting Social Media Manipulation Act, enacted in … 325M.31 Definitions Defines key terms for the social media manipulation law, including social media platform, user, algorithmic ranking … 325M.32 Scope; Exclusions Sets the scope of the social media manipulation law, applying it to platforms doing business in Minnesota with more than … 325M.33 Transparency Requirements for Social Media Platforms Requires social media platforms to publicly disclose information about account interaction limits, algorithmic ranking … 325M.335 Mental Health Warning Label Requires social media platforms to display a conspicuous mental health warning label each time a Minnesota user accesses … 325M.34 Enforcement Authority Grants the attorney general authority to investigate and enforce violations of the social media transparency and mental …