Proposed North Dakota Law Would Require Consent for User Data Sales, Authorize Private Right of Action with Steep Minimum Damages
Privacy, Cyber & AI Decoded Alert | 1 min read
Feb 3, 2021
A proposed bill in the North Dakota House of Representatives would prohibit the sale by a covered entity of a user's protected data without consent. The bill, which was sponsored by four Republican state representatives, has been referred to the Industry, Business and Labor Committee.
The bill defines "covered entity" as "a partnership, limited liability company, corporation, or other legal entity, including a social media company, that collects and sells a user's protected data and does business in the state."
A user's "protected data" is broadly defined to include:
- Location
- Screen name
- Website address
- Interests
- Hometown
- Professional history
- Friends or followers
- Shopping habits
- Test scores
- Health conditions
- Insurance
- Internet browsing history
- Purchases or purchase history
- Number of friends or followers
- Alcohol, tobacco, or drug usage
- Gambling habits
- Residence details
- Credit
- Insurance policies
- Media usage
- Relationship status
Covered entities would be prohibited from selling a user's protected data unless the user opts-in to allow the sale. The covered entity would be required to provide the user with the opportunity to affirmatively click or select approval of the sale for each type of protected data at issue. The protected data collected and sold by the covered entity must be described "clearly in plain language" to the user.
Notably, the proposed law contains a private right of action, expressly authorizing class action lawsuits. The bill provides that a "covered entity that violates this chapter is civilly liable to the user for a minimum of ten thousand dollars [emphasis added]." In the event of knowing violations, the minimum damages amount to the user would be $100,000. Recovery of attorney's fees is authorized for any violation.
Unsurprisingly, advertising trade groups are seeking revisions to the bill, raising particular concern over the opt-in consent requirement and private right of action.
Related Capabilities
Featured Insights
Insights for Employers Alert
Jun 9, 2026
A Win for Employers: Federal District Court Finds $100,000 H-1B Visa Petition Fee is Unlawful
Press Release
Jun 9, 2026
Calvin Edwards Honored With 2026 Rising Star Award by the Black Men Lawyers’ Association
Insights for Employers Alert
Jun 9, 2026
A Win for Employers: Federal District Court Finds $100,000 H-1B Visa Petition Fee is Unlawful
Press Release
Jun 9, 2026
Calvin Edwards Honored With 2026 Rising Star Award by the Black Men Lawyers’ Association
Webinar
Jun 9, 2026
John DeLascio Speaks on How Social Inflation is Reshaping Insurance Risk
Consumer Crossroads: Where Financial Services and Litigation Intersect
Jun 8, 2026
Court Distinguishes Between Clickwrap and Browsewrap Arbitration Agreements
Webinar
Jun 8, 2026
Aimee Delaney and Jason Oliveri Speak on Workplace Generative AI Usage
Insights for Insurers Alert
Jun 8, 2026
New York’s Sweeping Motor Vehicle Tort Law Reforms: More Than Meets the Eye
Privacy, Cyber & AI Decoded Alert
Jun 5, 2026
AI Governance Expectations on the Rise for Insurers Amid New Regulatory Activity
Press Release
Jun 4, 2026
Hinshaw Recognized Nationally in 2026 Chambers USA Directory
Press Release
Jun 3, 2026
