This bill introduces Chapter 507-I to existing law, which establishes comprehensive protections for personal information, defining key terms such as "personal information," "government entity," and "third-party providers of information and services." It emphasizes individuals' reasonable expectation of privacy regarding their non-public personal information and prohibits third-party providers from disclosing such information without explicit consent, except in specific situations like emergencies or legal obligations. The bill also amends RSA 359-N:2, I(c) to stipulate that the collection, retention, or provision of biometric data must comply with the new chapter or existing law.

Furthermore, the bill outlines penalties for violations, including civil actions by the attorney general, while clarifying that no private right of action is created under this chapter. The act is set to take effect on January 1, 2026, and is anticipated to have indeterminable fiscal impacts on state and local governments, particularly regarding judicial and correctional expenditures. The fiscal note indicates no expected revenue from the bill, with potential costs related to prosecution, incarceration, probation, and parole. Various agencies, including the Judicial Branch and the Department of Justice, have reviewed the bill to evaluate its implications on the legal framework and public resources.

Statutes affected:
Introduced: 359-N:2
As Amended by the House: 359-N:2