- within Compliance topic(s)
California has set what may be an emerging trend with AB 45, restricting collection and use of personal information collected near family planning facilities. The law was signed recently by h Governor Newsom and is set to go into effect January 1, 2027. It provides for penalties of $25,000 fine per violation.
Under the law, personal information collected at these locations can be used only for purposes necessary to provide a requested service. For example, checking someone in for their appointment. All other uses are specifically prohibited. This includes not only advertising uses, but also tracking foot traffic. Similarly prohibited is geofencing and selling location data. The law will also prohibit releasing reproductive health records ("research records") to law enforcement or out-of-state entities seeking to enforce laws in other jurisdictions (like abortion bans).
Putting it into Practice: While designed to protect those who are seeking reproductive health services, the law underscores a broader trend. State lawmakers are modifying or adopting laws to address evolving technologies. Especially if they think there is "a high risk to the rights and freedoms of natural persons," to borrow an EU term. This will grow the US patchwork, something multinational companies should keep in mind as they design their compliance programs.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
