Proposed North Dakota Law Would Require Consent for User Data Sales, Authorize Private Right of Action with Steep Minimum Damages
Privacy, Cyber & AI Decoded Alert | 1 min read
Feb 3, 2021
A proposed bill in the North Dakota House of Representatives would prohibit the sale by a covered entity of a user's protected data without consent. The bill, which was sponsored by four Republican state representatives, has been referred to the Industry, Business and Labor Committee.
The bill defines "covered entity" as "a partnership, limited liability company, corporation, or other legal entity, including a social media company, that collects and sells a user's protected data and does business in the state."
A user's "protected data" is broadly defined to include:
- Location
- Screen name
- Website address
- Interests
- Hometown
- Professional history
- Friends or followers
- Shopping habits
- Test scores
- Health conditions
- Insurance
- Internet browsing history
- Purchases or purchase history
- Number of friends or followers
- Alcohol, tobacco, or drug usage
- Gambling habits
- Residence details
- Credit
- Insurance policies
- Media usage
- Relationship status
Covered entities would be prohibited from selling a user's protected data unless the user opts-in to allow the sale. The covered entity would be required to provide the user with the opportunity to affirmatively click or select approval of the sale for each type of protected data at issue. The protected data collected and sold by the covered entity must be described "clearly in plain language" to the user.
Notably, the proposed law contains a private right of action, expressly authorizing class action lawsuits. The bill provides that a "covered entity that violates this chapter is civilly liable to the user for a minimum of ten thousand dollars [emphasis added]." In the event of knowing violations, the minimum damages amount to the user would be $100,000. Recovery of attorney's fees is authorized for any violation.
Unsurprisingly, advertising trade groups are seeking revisions to the bill, raising particular concern over the opt-in consent requirement and private right of action.
Related Capabilities
Featured Insights
Press Release
May 20, 2026
Hinshaw Releases America 250 Book Exploring Insurance's Role in Building the United States
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 19, 2026
OCC's Final Escrow-Interest Preemption Rules Bolster the Second Circuit’s Cantero Decision
Webinar
May 19, 2026
Scott Seaman Speaks on Making Decisions in Difficult Risk Environments
Press Release
May 20, 2026
Hinshaw Releases America 250 Book Exploring Insurance's Role in Building the United States
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 19, 2026
OCC's Final Escrow-Interest Preemption Rules Bolster the Second Circuit’s Cantero Decision
Webinar
May 19, 2026
Scott Seaman Speaks on Making Decisions in Difficult Risk Environments
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 14, 2026
Key Takeaways from the 2026 MBA Legal Issues and Regulatory Compliance Conference
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 14, 2026
SCOTUS Confirms: Federal Courts Retain Power to Affirm or Vacate an Arbitration Decision
Event
May 14-15, 2026
In The News
May 13, 2026
Hinshaw Contributes Chapters to “Wrongful-Death and Survival Actions” IICLE Handbook
In The News
May 12, 2026
Hinshaw GC Steve Puiszis Discusses Protecting Attorney-Client Privilege in an AI Age
Event
May 12-13, 2026
Mitchel Chargo Speaks on the Rapidly Evolving Cannabis Industry
Consumer Crossroads: Where Financial Services and Litigation Intersect
May 11, 2026
Tennessee Reaches Settlement with Mariner in Multistate UDAAP Enforcement Action
Press Release
May 11, 2026
Ali Degan Elected to the Fellows of the American Bar Foundation
Press Release
May 11, 2026
John Weedon Re-Elected to the Jacksonville Bar Association’s Board of Governors in 2026
