Bill > HB2969

Introduced Session

An Act relating to privacy of computer data; enacting the Oklahoma Computer Data Privacy Act; defining terms; providing that this act applies to certain businesses that collect consumers' personal information; providing exemptions; prescribing compliance with other laws and legal proceedings; requiring this act to be liberally construed to align its effects with other laws relating to privacy and protection of personal information; providing that when in conflict federal law controls; providing that when in conflict with state law the law providing the greatest privacy or protection to consumers controls; providing for preemption of local law; providing consumers the right to request disclosure of certain information; providing consumers the right to request the deletion of their information; providing consumers the right to request and receive a disclosure of personal information sold or disclosed; providing consumers the right to opt in and out of the sale of their personal information; finding that individuals in Oklahoma have a right to prohibit retention, use or disclosure of their own personal data; finding that Oklahomans have been exploited for monetary gain and manipulation by private ventures in utilization of private data; finding that the protection of individuals' data is a core governmental function in order to protect the health, safety and welfare of individuals in Oklahoma; finding that this act is the least restrictive alternative necessary to protect individuals and their rights; finding that the use of a strictly "opt-out" method for data privacy is ineffectual and poses an immediate risk to health, safety and welfare of Oklahomans; providing that contracts or other agreements purporting to waive or limit a right, remedy or means of enforcement are contrary to public policy and are void; requiring that businesses collecting consumer data information must inform the consumer of each category of personal information collected and for which purpose the information will be used, and obtain the consumer's explicit consent; requiring businesses that collect, sell, or for a business purpose disclose consumers' personal information to provide an online privacy policy or a notice of the business's policies; requiring businesses to designate and make available methods for submitting a verifiable consumer request for information that is required to be disclosed or deleted; requiring businesses receiving consumer requests to promptly take steps to reasonably verify the identity of the requesting consumers; requiring businesses that receive a verifiable consumer request within a certain timeframe disclose the required information; requiring businesses that use de- identified information to not re-identify or attempt to re-identify a consumer who is the subject of de- identified information without obtaining permission; providing that businesses may not discriminate against consumers for exercising their rights; providing that businesses may offer a financial incentive to consumers for the collection, sale or disclosure of their personal information; providing that businesses may not divide a single transaction into more than one transaction with the intent to avoid the requirements of this act; requiring businesses to ensure employees handling consumer inquiries about privacy practices are informed of certain rights, requirements and information; providing civil penalties; authorizing the Oklahoma Attorney General to take certain actions against violating businesses; authorizing the Attorney General to recover reasonable expenses incurred in obtaining injunctive relief or civil penalties; directing the Attorney General to deposit collected penalties in a dedicated account in the General Revenue Fund; providing certain immunities; providing protections to service providers; providing for codification; and providing an effective date.

AI Summary

Committee Categories

Jacob Merrick (R)*,  Collin Walke (D)*,  Kevin McDugle (R),  Lonnie Sims (R),  Josh West (R), 

Second Reading referred to Judiciary Committee then to Appropriations Committee (on 03/29/2022)

Official Document