Massachusetts Privacy Proposals Would Hurt Small Businesses
Massachusetts lawmakers are considering several new data privacy bills that could harm small businesses across the state. Small businesses support consumer privacy protections, but these proposals would impose some of the most extreme data restrictions in the country — limiting how small businesses can use digital tools to grow, compete, and serve their customers. Massachusetts needs a different, more balanced approach.
Extreme Data Restrictions Would Hurt Small Businesses
Though well-intentioned, some Massachusetts proposals — such as S2516 — would severely restrict how businesses can collect and use data, allowing them to collect only the data necessary to deliver a product or service the customer explicitly requests — and nothing more.
That might sound like a win for privacy — but in practice, it would lead to:
- Significant New Costs to Gain Customers: Data restrictions would make it harder for Massachusetts small businesses to reach the right customers, likely forcing them to spend more on ads that reach fewer interested buyers.
- More Guesswork in Marketing: Without access to performance insights, small businesses won’t know which ads, emails, or web content actually work, making it difficult to optimize marketing strategy.
- Barriers to Customer Follow-Ups: Small businesses may no longer be able to use past purchase data to send reminders, promotions, or loyalty offers — which would hurt repeat sales.
- Limited Business Growth: Basic, non-sensitive data — like aggregated location or search trends — could be restricted, making it harder to decide where to expand, what products to launch, or how to compete.
In short, the Massachusetts proposals would restrict small businesses’ access to the affordable, data-powered tools they depend on to connect with customers and grow.
“Exemptions” Won’t Save Small Firms
While some of the proposals attempt to exempt small businesses that handle data from fewer than 200,000 individuals annually, small businesses of all sizes would still be harmed. The bill authors fail to realize that many digitally-empowered small businesses easily surpass the 200,000 threshold. And even companies below that threshold would be hurt because their digital partners — like Google, Shopify, or Amazon — would be bound by the new rules. That means the effectiveness of key digital tools — from advertising to analytics to e-commerce support — would decline across the board.
Small Businesses Could Face Frivolous Lawsuits
On top of strict data limits, some of the Massachusetts proposals include a private right of action, allowing consumers to sue businesses directly over alleged compliance violations. In the past, similar provisions have opened the door to frivolous lawsuits from opportunistic lawyers who pressure small businesses into costly settlements. Large companies may have the financial and legal resources to fight back — but for small businesses, even a single lawsuit can be financially devastating.
Other States Have Rejected This Approach — Massachusetts Should Too
States like Maine and Vermont recently rejected similar bills primarily because of their impact on small businesses. Not even California or Europe — known for their stringent privacy standards — have such radical restrictions on data.
Massachusetts lawmakers must reject these overly restrictive data proposals and realize it’s possible to protect privacy without undermining the digital tools small businesses depend on. Lawmakers are already considering H.80, a balanced alternative that gives Massachusetts residents the same privacy rights Europeans have, and doesn’t cripple small businesses.
What Comes Next
The debate over Massachusetts’ privacy laws is still unfolding. If you’re a small business owner with questions about these proposals — or want to speak out — we’re here to help. Now is the time to raise your voice. Lawmakers need to hear from you before it’s too late. Sign up here to receive updates as this develops.
