Bill No. 546, introduced by Senator Howard and Representative West, aims to enhance consumer rights regarding data privacy in Oklahoma by establishing a comprehensive framework for data processing. The bill defines key terms such as "affiliate," "biometric data," and "sensitive data," and grants consumers rights to access, correct, delete, and obtain copies of their personal data. It also allows consumers to opt out of targeted advertising and profiling, while requiring data controllers to respond to consumer requests within 45 days. Notably, any contractual provisions that waive or limit consumer rights under this act are deemed void and unenforceable, reinforcing consumer protections.

Additionally, the bill outlines specific responsibilities for data controllers, including the need to create secure methods for consumers to exercise their rights and to limit data collection to what is necessary. It mandates data protection assessments for certain processing activities and grants the Attorney General exclusive enforcement authority, with civil penalties for violations. The bill also clarifies that compliance with the Children's Online Privacy Protection Act (COPPA) satisfies parental consent requirements under this act and specifies exemptions for certain data processing activities. The provisions of the act will take effect on July 1, 2026, and apply primarily to businesses operating in Oklahoma that process significant amounts of personal data, with certain entities exempt from its requirements.