The bill, titled the "Rhode Island Data Transparency and Privacy Protection Act," adds a new chapter to Title 6 of the General Laws. The purpose of this chapter is to provide customers with transparency about how their personally identifiable information is shared by businesses and to protect their privacy. The bill defines various terms and includes legislative findings that emphasize the importance of privacy rights and the need for customers to be informed about how their personally identifiable information is collected and shared by businesses.

The bill also includes provisions regarding the disclosure and processing of personal data. It defines terms related to the collection, use, storage, disclosure, analysis, deletion, or modification of personal data. It requires operators of commercial websites or online services to disclose the categories of personally identifiable information they collect and the third parties with whom they may disclose that information. It also clarifies that the collection, storage, or disclosure of information or data is not authorized if it is prohibited, restricted, or regulated by state or federal law. The bill introduces new provisions regarding the processing and protection of personal data by operators, establishes customer rights, and outlines the responsibilities of controllers and processors. The bill also includes provisions for assessments and data protection assessments for processing activities that present a heightened risk of harm to customers.