The Massachusetts Data Privacy Act, proposed by Senator Michael O. Moore, aims to strengthen personal data protection for residents by introducing Chapter 93M to the General Laws. This chapter includes comprehensive definitions related to data privacy, such as "covered data," "covered entity," and "sensitive covered data," and establishes guidelines for the collection, processing, and transfer of personal information. A key aspect of the bill is the requirement for explicit consent from individuals before their data can be processed, along with the responsibilities of entities handling personal data to inform individuals about the purposes of data collection. The bill also delineates criteria for "covered entities," excluding certain small businesses and government agencies, and sets conditions for handling sensitive data.

Additionally, the bill introduces Chapter 93N, which focuses on privacy protections for location information derived from electronic devices. It mandates that covered entities can only collect or process location information with explicit consent and outlines permissible purposes for such data collection. The legislation emphasizes the importance of transparency, requiring accessible privacy policies and clear consent requests. It also empowers the Attorney General to enforce compliance and allows individuals to bring civil actions against entities for violations. Overall, the Massachusetts Data Privacy Act seeks to create a more transparent and secure environment for data privacy, enhancing consumer rights and protections in the Commonwealth.