The "Community Privacy and Safety Act" introduces new regulations for online service providers in New Mexico, focusing on the protection of consumer data. The bill requires covered entities to set default privacy settings that prioritize consumer privacy, provide clear privacy information, and implement strong data security measures. It includes specific protections for minors, such as disabling contact from unknown users and limiting notifications during certain hours. Additionally, the act prohibits practices like default consumer profiling and the processing of sensitive personal data without explicit necessity.

The legislation enhances consumer rights by allowing individuals to opt-out of excessive data processing and prohibits deceptive design practices that manipulate consumers into sharing more personal data than necessary. It grants consumers the right to access, correct, and delete their personal data, with covered entities required to comply within thirty days. The bill also establishes responsibilities for service providers processing data on behalf of covered entities, mandates written agreements for compliance, and prohibits retaliation against consumers exercising their rights. Penalties for violations include civil fines, and the act allows for the establishment of rules by the state department of justice to ensure effective implementation.