United States of America: Privacy Protection Act (A6309) was introduced to General Assembly

On 2 January 2026, the Privacy Protection Act (A6309) was introduced to the General Assembly to prohibit the collection and sharing of specific personal information by government entities and health care facilities. The Bill would restrict government entities and healthcare providers from collecting personal data such as immigration status or social security numbers unless required for assessing eligibility for public benefits or professional qualifications. It would establish that records collected for these purposes are not public records and may not be disclosed unless required to administer benefits, services, programs, or professional qualifications and licensure, required by subpoena, court order, or judicial warrant. Further, government entities would be prohibited from selling or sharing automated license plate recognition information except to other government bodies as permitted by law or under a judicial warrant.