Sponsors (4)
The bill centralizes data-broker transparency and a single deletion mechanism to give consumers more control and oversight, but it increases centralization-related breach risk, compliance costs that may be passed to users, and potential preemption of stronger state privacy protections.
Individuals (consumers, unlisted persons) can submit a single deletion request to have all registered data brokers remove their personal data, reducing unwanted tracking and exposure.
Consumers and researchers gain a public, machine-readable registry of data brokers, contact information, and practices, increasing transparency and making it easier to identify who holds personal data.
Consumers benefit from greater oversight because data brokers must undergo third-party audits every three years and report results, improving accountability and compliance visibility.
Individuals face heightened risk that the centralized collection of personal identifiers by the FTC could be targeted by cyberattacks or mishandled, potentially exposing sensitive data.
Consumers and small businesses may bear higher costs because data brokers will incur compliance expenses (registration, monthly checks, audits, fees) that could be passed through to clients.
State governments and residents could face reduced protections or legal uncertainty because the bill’s preemption clause may limit stronger state privacy laws unless the FTC permits them.
Based on analysis of 2 sections of legislative text.
Requires data brokers to register with the FTC and creates a centralized system allowing one request to delete persistent identifiers and stop future data collection by registered brokers.
Introduced April 3, 2025 by Bill Cassidy · Last progress April 3, 2025
Requires companies that buy, sell, or collect personal data for resale (data brokers) to register with the Federal Trade Commission and supply identifying and operational details, and directs the FTC to build a centralized system that lets a person submit one request to have data brokers delete persistent identifiers and stop future collection. The bill also requires the FTC to publish registrant information in a downloadable, machine‑readable format unless disclosure would harm public safety, and to protect trade secrets and certain confidential information. The FTC must write the implementing rules within one year, and data brokers must register within 18 months of enactment and annually after that. The text provided is truncated near the end of a procedural provision for data brokers, so one specific regulatory detail could not be summarized here.