The proposed bill, H. 3401, aims to enhance technology transparency and consumer rights regarding personal data in South Carolina by adding Chapter 31 to Title 37 of the South Carolina Code of Laws. It establishes definitions for key terms related to data processing, such as "controller," "processor," "personal data," and "sensitive data." The bill prohibits governmental entities from requesting the removal of content or accounts from social media platforms, except in specific situations like routine account management or criminal investigations. It also outlines consumer rights, including access to and control over personal data, and declares contracts that waive these rights as void. Additionally, the bill mandates that controllers implement processes for consumers to submit data requests and provide clear privacy notices.

The legislation sets forth comprehensive regulations for the processing and sale of personal data, detailing the rights of consumers to access, correct, delete, and opt out of certain data processing activities. It specifies exemptions for certain entities and types of data, such as protected health information. The bill requires controllers to comply with consumer requests within designated timeframes and to document data protection assessments, particularly for sensitive data. It introduces penalties for violations, including potential tripling of civil penalties in cases involving children's data, and empowers the Attorney General to enforce these provisions. The bill also clarifies the responsibilities of the Office of Attorney General in implementing standards for consumer data privacy and allows for collaboration with other enforcement authorities, ensuring that consumer data rights are robustly protected in South Carolina.