Sec. 12. Prohibited acts
231 words·~1 min read·
/bill/117/s/2134/is/section-12·A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
It shall be unlawful for— any data aggregator or service provider to commit any act or omission in violation of this Act, Federal privacy law, or any rule or order issued by the Agency under this Act; any data aggregator or service provider to commit any unlawful, unfair, deceptive, abusive, or discriminatory acts or practices in connection with the collection, processing, or sharing of personal data; any data aggregator or service provider to fail or refuse as required by this Act or Federal privacy law, or any rule or order issued by the Agency thereunder— to permit access to or copying of records; to establish or maintain records; or to make reports or provide information to the Agency; any person to knowingly or recklessly provide substantial assistance to a data aggregator or service provider in violation of this Act or Federal privacy law, or any rule or order issued thereunder, and notwithstanding any provision of this Act, the provider of such substantial assistance shall be deemed to be in violation of this Act or Federal privacy law to the same extent as the person to whom substantial assistance is provided; or any person, data aggregator, or service provider to re-identify, or attempt to re-identify, an individual, household, or device from anonymized data, unless such person, data aggregator, or service provider is conducting authorized testing to prove personal data has been anonymized.