Vermont's comprehensive consumer data privacy legislation was vetoed by Gov. Phil Scott due to the "unnecessary and avoidable level of risk" to small and medium-sized businesses brought upon by its private right to action and "kids code" provisions, according to StateScoop.
Businesses and nonprofits across Vermont may be further discouraged to operate as a result of private right to action, which would empower the filing of civil lawsuits against organizations with data privacy violations, while the "kids code" provision, which would impose age restrictions and other limits on online services that could be accessed by minors, could have costly ramifications, said Scott, who recommended lawmakers to pattern the state's data privacy bill after the one used by Connecticut, which was given a "D" rating by the Electronic Privacy Information Center and the U.S. PIRG Education Fund.
Such an objection was opposed by Consumer Reports.
"We remain hopeful that the legislature will override this veto with the support of the overwhelming majority of lawmakers that originally passed it," said Consumer Reports Policy Analyst Matt Schwartz.
