Attorney General Ellison strongly opposes federal SECURE Data bill

SECURE Data Act would preempt Minnesota’s stronger data privacy protections contained in the Minnesota Consumer Data Privacy Act

Minnesotans can visit privacymn.com to learn how to use their rights under the Consumer Data Privacy Act

June 3, 2026 (SAINT PAUL) — Minnesota Attorney General Keith Ellison yesterday joined a coalition of 18 Attorneys General and agencies to oppose the Securing and Establishing Consumer Uniform Rights and Enforcement over Data Act (SECURE Data Act), a proposed federal data privacy bill. The SECURE Data Act would jeopardize the protections provided by the state’s 2025 Minnesota Consumer Data Privacy Act, and largely replace Minnesotans’ privacy rights with weaker protections. The coalition sent a letter to Congressional leaders calling on them to reject the SECURE Data Act, and respect privacy protections that Minnesota has already granted to their residents.  

“Minnesotans deserve strong, meaningful protections over their personal data, which is why our lawmakers passed strong data privacy legislation at the state level,” said Attorney General Ellison. “The SECURE Data Act would strip away those important privacy protections, replace them with far weaker ones, and limit Minnesota’s ability to hold bad actors accountable. The proposed federal law would be a step backward at a time when Minnesotans are rightfully concerned about their privacy and security online.”

The Minnesota Consumer Data Privacy Act, and other states with similar laws, has set minimum data privacy standards, including heightened protections for minors and sensitive consumer data, limits on how data may be used and retained, and the ability for consumers to easily stop the sale of their data via universal opt-out preference signals. The SECURE Data Act would wipe out many of these meaningful protections, making it harder for consumers to exercise their rights, give businesses more discretion on how to use and retain consumer data, and significantly limit enforcement remedies.

Minnesotans can visit privacymn.com to learn more about what their data privacy rights are, how to enforce those rights, and how to report any violation of those rights.

In sending the letter, Minnesota joined the Attorneys General of California, Connecticut, Delaware, Illinois, Maine, Maryland, Massachusetts, Nevada, New Hampshire, New Jersey, New York, Oregon, Vermont, Virginia, and Washington, the California Privacy Protection Agency, and the Hawai’i Department of Commerce and Consumer Affairs.