Communications Litigation Today was a service of Warren Communications News.
3 Bills Expected

Maine Privacy Measure Sponsor Blasts 'Lowest Common Denominator' Coordination

March 26, 2025 by Adam Bender|Top News

While states are increasingly coordinating their privacy bills, Maine Rep. Amy Kuhn (D) is unwilling to "prioritize interoperability to the point where we’re agreeing on the lowest common denominator,” the House chair of the state legislature’s Judiciary Committee told Privacy Daily this week. Instead, Kuhn wants to focus on what’s good for consumers, small businesses, and “not so much Big Tech.”

Kuhn is preparing to introduce a comprehensive privacy bill that picks up from last year’s Democratic proposal by Rep. Maggie O’Neil. The 2024 bill, notable for containing stricter data minimization standards than other states’ privacy laws, passed the House but failed in the Senate last session.

Earlier this month, Rep. Rachel Henderson (R) introduced LD-1088, a version of an alternative Republican bill sponsored last year by Sen. Lisa Keim. Henderson didn't comment. O’Neil and Keim are no longer legislators because they reached term limits at the end of 2024. In addition, Rep. Tiffany Roberts-Lovell -- with five other Democrats and three Republicans, including Henderson -- introduced a third comprehensive privacy bill (LD-1224) this week.

The Roberts-Lovell bill is “similar to but narrower" than Henderson's LD-1088, said Jordan Francis, Future of Privacy Forum policy counsel. “Both bills are modeled after Connecticut, but LD-1088 includes heightened protections for consumer health data like those added to Connecticut's law” through a 2023 amendment, he said.

For Kuhn, resuming work on Maine Democrats’ privacy bill “was a really high priority,” the legislator said. “I dug in just as soon as we adjourned and started meeting with stakeholders and trying to resolve some of the technical problems that we were left with at the end of the session.”

For example, there was a concern at the end of last session about “whether small businesses had access to digital marketing tools,” so Kuhn “met with a number of advertising folks and industry people just trying to really make sure I understand that issue,” she said. One possible reason for last year’s failure was that “the bill came out quite late in session, and so we didn't have time to have all the conversations that I think would have been helpful to make sure that we were really taking care of small business.”

While Kuhn said “interoperability is something that we should strive for,” she appeared open to including requirements not found in every state law.

For example, the chair said she hopes that Maryland’s passage last year of a privacy law with strict data minimization standards “will create a new pathway for other states." Kuhn noted that Connecticut is considering amending its privacy law to add data minimization rules and that Vermont is also considering a privacy bill with such requirements.

Maine Democrats’ failed 2024 privacy bill also included data minimization rules. “For years, we’ve seen the tech industry coalesce around one type of … consent-based privacy bill,” said the chair. However, the Democrats’ privacy bill took a “data minimization approach,” she said. “One consequence of that was … the tech industry poured a huge amount of money into Maine to defeat it. The bill became the most lobbied bill of the year.”

The Judiciary Committee chair said she couldn’t say when her new bill would be released but “at the earliest opportunity … we will put all the [privacy] bills up for a public hearing.” She said it’s “typical” for the committee to consider Democratic and Republican bills simultaneously.” Asked about support from legislative leaders, the governor or attorney general, Kuhn said, "I have been actively working with all the relevant stakeholders throughout the process."

Privacy is “an area where Maine consumers have one expectation about how they're interacting with the internet, and the reality is that they're a lot more at risk in terms of circumventing legal requirements and also in terms of being subject to breach,” said Kuhn.

“That's one really important component of data minimization,” the lawmaker continued. “The less sensitive material we have out in the internet about us … the less risk we're carrying for [a data] breach.” Data breaches “are widespread and frequent, and it is something really to be concerned about.”