[{"_1":2,"_88":-5,"_89":-5},"loaderData",{"_3":4,"_26":27},"root",{"_5":6,"_17":10,"_18":19,"_20":21,"_22":10,"_23":-5,"_24":-5,"_25":10},"user",{"_7":8,"_9":10,"_11":10,"_12":-5,"_13":-5,"_14":15,"_16":-5},"roles",[],"isAuthenticated",false,"isPremium","planName","subscriptionStatus","featureFlags",{},"insightsBudget","isDevelopmentHost","userPreferences",{},"recaptchaSiteKey","6LcvOJcUAAAAAHsB-gPGfGktcRlKpH7OTIU_dMTD","isImpersonating","impersonation","affiliateStatus","isFreedomPortal","routes/v2/article/layout",{"_28":29,"_30":31},"notFound",true,"relatedArticles",[32,76],{"_33":34,"_35":36,"_37":38,"_39":40,"_41":42,"_43":44,"_45":46,"_47":48,"_49":50,"_51":52,"_53":54,"_55":56,"_57":58,"_59":60,"_61":62,"_63":64,"_65":66,"_67":68,"_69":70,"_71":72,"_73":74,"_75":74},"mediaId",6122640,"mediaKeyId","2694487-a03eeda76ce5eab5d9c183f97cdb3697","parentId",2694487,"title","Committee hears wide-ranging proposals to tighten Oregon Consumer Privacy Act; debate centers on geolocation bans, youth protections and implementation timeline","audioSeconds",2310,"startMs",1013000,"endMs",3323000,"viewUrl","/Search/View?dp=1&key=2694487-a03eeda76ce5eab5d9c183f97cdb3697&start=1013&end=3323","thumbnailUrl","https://assets.pipeline.soar.com/2694487-a03eeda76ce5eab5d9c183f97cdb3697/thumbnail_1013000.jpg","articleUrl","/articles/6122640/Oregon/Committee-hears-wide-ranging-proposals-to-tighten-Oregon-Consumer-Privacy-Act-debate-centers-on-geolocation-bans-youth-protections-and-implementation-timeline","mediaUrl","https://secure.pipeline.soar.com/6122640-ae4ac4258d9196772e16d191d3ad3d89/orig.mp4?Expires=1770500885&Signature=n9kHSvz2iFqvn6qqcfBNVNsktKUMB7kM2qmoyeuX-yypFwgvl1-dOe492~VjaqXea~WDE-nop2-mLQA1qUGUAtBuc4aX6ZSlIAAtf8cPPdJk8kx~8RYWA8lIKJnqXCdhU0CtLMOaI8rG6PTNnS4ONtsYYxr4nmYANOWLO83hNrQn3szIS9BSapeGnYYgieryw2o8Y3xVZ~0R1-5zlCFUsyhovoWwp64MaraHpXTXgi9CWPgY1oUt1xPZt00pJqn9HDV7-44EZ1zXAJvm1gRrpSRzvzD~J5SV-1wliRFBD6hke9CbOqntr7EElTMZRdxuQqV1TQEnME4w7LYjox4kng__&Key-Pair-Id=KUT5TJCACFTXG","author","Oregon State Legislature","date","2025-03-18T00:00:00Z","article","The House Committee on Commerce and Consumer Protection held a public hearing March 18 on House Bill 3,899, a bill that would amend the Oregon Consumer Privacy Act (OCPA) to reduce thresholds that trigger regulation, prohibit sale of sensitive data including precise geolocation, and strengthen data-minimization requirements.

Representative Willie Choetzen, a sponsor of HB 3,899, told the committee the measure has three main goals: ban the private sale of precise geolocation data, prohibit the private sale of personal data for children 15 and younger, and tighten data-minimization rules so companies only retain data necessary to provide requested services. Choetzen said the bill’s forthcoming dash-1 amendment language has been shared with advocates and opponents and that the measure aims to close known gaps in the 2023 law.

Supporters, including Oregon Consumer Justice, Consumer Reports, the Electronic Privacy Information Center (EPIC), and PIRG, argued the marketplace for sensitive consumer information is causing tangible harms. Chris Coughlin and Hannah Osman of Oregon Consumer Justice testified that vehicles and apps collect and sometimes sell highly personal data with limited consumer transparency. Matt Schwartz of Consumer Reports cited a General Motors case reported in the press in which precise driving data was shared and used by insurers. Katrina Fitzgerald of EPIC and Ellen Hengensbach of PIRG emphasized that precise geolocation can be re-identified and that preventing its sale would limit risks such as stalking, price discrimination and post-sale abuse.

Choetzen said the bill lowers the state-coverage threshold (the measure discussed reducing the threshold from 100,000 to 35,000 consumers in Oregon when certain provisions apply) to capture more businesses and that it would prohibit controllers from selling sensitive data or processing it for targeting or profiling that produces significant legal effects. He framed the change as urgent, saying inaction would let the status quo—companies selling location and youth data—continue and argued other states have moved to strengthen protections.

Opponents including the Oregon Business and Industry association, the Technology Association of Oregon (TAO), TechNet and the State Privacy and Security Coalition raised process and technical concerns. Witnesses said Senate Bill 619 (the 2023 OCPA) resulted from a multi-year, multi-stakeholder process and only recently took effect in July 2024; they urged more stakeholder negotiation before reopening foundational elements. Industry witnesses warned the dash-1 amendment’s proposed definitions (including a broad “transfer” concept and a novel data-minimization standard) could be legally and technically unclear, impose heavy compliance costs—particularly on small businesses—and conflict with parts of OCPA that have not yet come online (such as the universal opt-out mechanism).

Representatives of Daimler Truck and other trade associations also emphasized implementation burdens and urged carve-outs for commercial vehicle telematics and for services that rely on location data for public-health, emergency-notification or other legitimate public-interest uses. Industry witnesses said they are willing to participate in work groups but asked for more time for outreach and technical design.

Committee members asked about stakeholder outreach and whether a ban on the private sale of geolocation data would block legitimate public-interest uses. Supporters said the bill bans private sale but would not bar collection or lawful uses such as emergency alerts; opponents said definitions and carve-outs matter and urged a deliberative process to avoid unintended consequences.

The hearing included testimony from out-of-state legislators: Montana State Senator Daniel Zolnicoff described Montana’s recent consumer data law and urged Oregon to consider stronger protections. After several panels of proponents and opponents, the committee closed public testimony without a vote. The sponsor and multiple witnesses signaled willingness to continue negotiations on dash-1 amendment language; no committee action was taken at the hearing.","mediaType","Video","parentTitle","House Committee On Commerce and Consumer Protection 03/18/2025 1:00 PM","oneSentenceSummary","The House Committee on Commerce and Consumer Protection held a public hearing March 18 on House Bill 3,899, which would lower applicability thresholds for the Oregon Consumer Privacy Act, ban private sale of precise geolocation data, and strengthen data-minimization and youth-data protections.","taxTitle","Consumer Protection, House of Representatives, Committees, Legislative, Oregon","taxId",78404,"location","Oregon","headline","","shortSummary",{"_33":77,"_35":36,"_37":38,"_39":78,"_41":79,"_43":80,"_45":81,"_47":82,"_49":83,"_51":84,"_53":85,"_55":56,"_57":58,"_59":86,"_61":62,"_63":64,"_65":87,"_67":68,"_69":70,"_71":72,"_73":74,"_75":74},6122645,"Oregon bill would extend Consumer Privacy Act to motor-vehicle makers; exempts commercial trucks in amendment",270,48000,318000,"/Search/View?dp=1&key=2694487-a03eeda76ce5eab5d9c183f97cdb3697&start=48&end=318","https://assets.pipeline.soar.com/2694487-a03eeda76ce5eab5d9c183f97cdb3697/thumbnail_48000.jpg","/articles/6122645/Oregon/Oregon-bill-would-extend-Consumer-Privacy-Act-to-motor-vehicle-makers-exempts-commercial-trucks-in-amendment","https://secure.pipeline.soar.com/6122645-f3be36e0ac7764d135ba7e9fc12d27a5/orig.mp4?Expires=1770500885&Signature=BqVvXLNkaU5ygRj9WAoeR6yC-HXbbydJ1DUL~iMmE-JQTx~ThPaVNIl8Be~B8FKJRXBcChfZipXa8za4zfud5a-txoVm69hzAqV3~M-MG~3OcmrLrvRmkJ1iWEvRlVq15LXH10LCw9377dFi-mNZ1L7MqEU8j~ybH6fnx8tiOi8Zdv-RsaPhPhqRA9--9cs2kbp1wiVq9geOIAi-SvawlrjDNj3plnaMeDURMqisJJdxcYymmWFV4l1R5L2pA~WZCzC7y2A0Fa-sWN92LRB1yzEPzwk2Zhv---5gzxZt9wgiocLNvZOyW19CgAv9zb9bMhJjGztJ2Wf3~mFHXW1GUg__&Key-Pair-Id=KUT5TJCACFTXG","House Committee on Commerce and Consumer Protection members opened a work session March 18 on House Bill 3,875, a proposal to clarify that the Oregon Consumer Privacy Act (OCPA) applies to motor vehicle manufacturers and their affiliates that control or process personal data from the use of a motor vehicle.

The bill’s sponsor, Representative David Gomberg, said the change would give “every Oregonian that buys a car” the ability to opt out of car-collected personal and sensitive data under the OCPA. He told the committee that “cars are a privacy nightmare” and quoted a Mozilla research project alleging popular brands collect deeply personal data via sensors, cameras, microphones and telematics.

The measure matters because current OCPA coverage depends on statutory thresholds tied to data-sales revenue and the number of Oregonians whose data a business controls. Gomberg said the thresholds—either that a business derives 25% of annual gross revenue from sale of personal data and collects the personal data of at least 25,000 Oregonians, or collects data on at least 100,000 Oregonians—create gaps that could let smaller or niche vehicle manufacturers avoid the law. His dash-1 amendment, he said, would exempt “commercial vehicles” such as trucks from the bill.

Committee staff member Mr. Henry read the bill summary to the committee, describing that HB 3,875 “establishes that the Oregon Consumer Privacy Act applies to motor vehicle manufacturers and any affiliates that control or process personal data from the use of motor vehicle or any component of a motor vehicle.” The summary also noted the bill’s effective date would be “the 91st day following adjournment/signing day.”

Supporters who testified said they want clearer consumer protections when buying a car. Chris Coughlin of Oregon Consumer Justice said modern vehicles “function as computers on wheels, continuously collecting and transmitting personal data often to third parties with little transparency or consumer control,” and that clarifying coverage will let consumers opt out more easily.

Representing an industry perspective, JL Wilson of Daimler Truck told the committee that Daimler’s trucks “come from the factory equipped with a telematics system that captures a significant volume of information” used for service and diagnostics. Wilson said customers opt into Daimler’s paid portal service (Detroit Connect) and that excluding commercial vehicles from the bill is important because those products are sold to businesses rather than individual consumers.

Committee members asked clarifying questions about the scope of the commercial-vehicle exemption and whether the bill would change existing OCPA thresholds; the sponsor and staff said the bill’s primary purpose is to make clear that vehicle manufacturers fall within OCPA when they meet its criteria so consumers know whether they can exercise existing OCPA rights. Committee staff and witnesses indicated the dash-1 amendment is intended to carve out commercial truck manufacturers from the bill’s coverage.

The committee closed public testimony on HB 3,875 after the three witnesses and did not take a vote during the hearing. No formal legislative action or recorded vote occurred in the work session; the item remained at the public-hearing/work-session stage.

Looking ahead, the committee will receive the sponsor’s dash-1 amendment language and industry advocates said they are working with the sponsor on the commercial-vehicle language. The bill, as presented at the hearing, does not change OCPA’s thresholds; it clarifies that vehicle manufacturers are subject to the act when they otherwise meet the law’s criteria.","House Committee on Commerce and Consumer Protection members opened a work session March 18 on House Bill 3,875, a proposal to clarify that the Oregon Consumer Privacy Act applies to motor vehicle manufacturers and their affiliates that control or process personal data from the use of a motor vehicle.","actionData","errors"]

Article not found

Committee hears wide-ranging proposals to tighten Oregon Consumer Privacy Act; debate centers on geolocation bans, youth protections and implementation timeline

Oregon bill would extend Consumer Privacy Act to motor-vehicle makers; exempts commercial trucks in amendment