Connecticut privacy bill passes Senate

Julie Rubash, Chief Privacy Counsel
April 25, 2022

Want to receive these weekly privacy recaps in your inbox? Sign up for our privacy newsletter, A Little Privacy, Please.


Connecticut Privacy Bill Passes Senate

Connecticut SB 6, which closely resembles the Colorado Privacy Act, was unanimously passed by the Senate after an amendment making changes to the applicability threshold and the age of children’s data (from 18 to 16) and removing authentication requirements for opt-out requests.

The bill can go straight to a House floor vote, since it has already passed out of a joint committee, and has been added to the House Calendar for consideration.

The Connecticut legislative session adjourns May 4. 


If SB 6 passes, the Connecticut Act Concerning Personal Data Privacy and Online Monitoring would become effective July 1, 2023, the same day as the Colorado Privacy Act. 

Two Notable California Amendments Pass out of Committee

SB 1059 (requiring that businesses without a direct consumer relationship that “share” personal data with third parties register as data brokers) and  AB 2273 (creating an Age Appropriate Design Code for businesses offering goods, services or products likely to be accessed by children under 18) passed out of the Senate Judiciary Committee and Privacy and Consumer Protection Committee, respectively.

Both bills have been referred to the Committee on Appropriations.


Both of these bills, if enacted would be impactful to the digital advertising industry.

SB 1059 would mean that businesses that receive personal data indirectly (without a direct consumer relationship) and share the data downstream to third parties for cross context behavioral advertising purposes would have to register as data brokers, even if the data isn’t sold for monetary or other consideration.

Interestingly, businesses registered as data brokers are currently exempt from the obligation to provide a notice at collection as long as such notices are included in their data broker registration, so this amendment could reduce the number of entities with an obligation to provide a privacy notice at the point of collection.

AB 2273 would, among other obligations, require businesses offering services likely to be accessed by children under 18 to establish the age of all users and refrain from collecting or using personal data from those under 18 unless necessary to provide the service. 

BBB Publishes TeenAge Privacy Program Roadmap

The Better Business Bureau’s Center for Industry Self-Regulation launched a TeenAge Privacy Program (TAPP) Roadmap to help companies collect and manage teenage data responsibly.

Among other recommendations, the program encourages businesses providing products or services appealing to teen audiences to establish the age of users and obtain opt-in consent before engaging in behavioral advertising to known teens, along with conspicuous disclosures that targeted ads may be shown and an explanation of tracking technologies.


An impetus for the program was a study conducted by BBB National Programs finding that 82% of teen apps were ad supported compared to only 52% of general apps.

Based on a determination that identifying a “teen space” is much more complex than identifying child-directed content, the BBB determined that, rather than simply raising COPPA’s age, a more nuanced approach is necessary, including by ensuring businesses have the tools and support necessary to sustain responsible data collection.  

U.S. Chamber of Commerce Urges Scrutiny of FTC Nominee

In a letter to Senators Schumer and McConnell, the U.S. Chamber of Commerce urged obtaining clarification from FTC nominee Alvaro Bedoya regarding his positions on transparency, due process and agency authority before consideration of his nomination.

The letter expressed concern with the FTC’s “troubling conduct” under Chair Lena Kahn, including its consideration of bans on personalized advertising, among other initiatives, and stressed that, as the fifth member of the Commission, Bedoya’s vote would break potential deadlocks over changes in policy. 


Alvaro’s nomination to the Federal Trade Commission has experienced several delays since President Biden initially announced the nomination in September 2021.

The FTC has functioned with only four commissioners since Rohit Chopra was confirmed as the Director of the Consumer Financial Protection Bureau in 2021, and attempts to continue without a tie-breaking vote have been strictly partisan. 

Cloture was filed earlier this month, though, to end debate and force a vote on the Senate floor.  

U.S. and 6 Other Economies Create Global Cross-Border Privacy Rules Forum

The United States, with Canada, Japan, the Republic of Korea, the Philippines, Singapore and Chinese Taipei, issued a declaration establishing a Global Cross Border Privacy Rules Forum to facilitate data protection and free flow of data, disseminate best practices for data protection, privacy and interoperability, and pursue interoperability with other data protection and privacy frameworks.

The Global CBPR Forum will meet at least biannually.


The APEC Cross-Border Privacy Rules (CBPR) System is a government-backed data privacy certification that imposes and enforces certain personal data protections and practices on certified data controllers, and the Privacy Recognition for Processors (PRP) system is a similar system designed for organizations that process data on behalf of data controllers. According to the Forum FAQ, the Forum intends to establish an international certification system based on the APEC CBPR  and PRP systems, but the system will be independently administered and separate from the APEC Systems. 

Want more of the privacy highlights that matter to adtech and martech? Sign up for our privacy newsletter, A Little Privacy, Please.

A Little Privacy, Please weekly recaps are provided for general, informational purposes only, do not constitute legal advice, and should not be relied upon for legal decision-making. Please consult an attorney to determine how legal updates may impact you or your business.

Latest Blog Posts

Revised Version of APRA Advances Out of U.S. House Subcommittee

May 28, 2024

New Version of the American Privacy Rights Act of...

Exciting New Diagnose Features: New Filters and More Vendor Details

May 21, 2024

New features to help you with your vendor governance,...

Minnesota Sends Comprehensive Privacy Law to Governor

May 20, 2024

Minnesota Sends Privacy Law to Governor. One day before the...

Latest White Papers

Benchmark Report: US Privacy Compliance

August 19, 2022

The current state of publisher compliance with CCPA, and...

Ebook: A Publisher’s Guide to Vendor List Curation

December 16, 2021

How to review your vendor list to mitigate compliance...

Keep in touch

Sign up for our newsletter to keep up with privacy news for adtech and martech,
plus occasional company news.

Let's explore what we can do together.

We'll be in touch within 48 hours

[contact-form-7 id="593" title="Schedule a Demo"]