Facebook Linkedin X-twitter Instagram Youtube
Main Menu

Chamber in the News

Back to Chamber News

Find value in these articles?

Join the Michigan Chamber and get them sent directly to you.
Join the MI Chamber Today!

Problematic data privacy, breach proposals advance in the Michigan Senate

Advocacy News – June 12, 2025 

What’s new: The Senate Committee on Finance, Insurance and Consumer Protection advanced legislation Wednesday putting sweeping new mandates on Michigan businesses related to data privacy and breaches.

Why it matters: These data privacy (SB 359) and data breach (SBs 360-64) proposals threaten to burden small businesses with prescriptive and complicated compliance provisions, confuse consumers and limit the ability of businesses to control and process consumer data.

Data privacy:

  • The cost to small businesses: From local retailers to family-run service providers, companies would face a mountain of new compliance obligations, including new disclosures, consumer data requests, new restrictions on customer loyalty programs, and more. For businesses already grappling with inflation, labor shortages and rising operating costs, this unfunded mandate is simply one more thing they can’t afford.
  • A patchwork of regulations: Rather than following the lead of states who’ve found a workable solution — such as states like Texas, Colorado, Indiana, and Virginia and their “Consensus Privacy Approach” — the Senate data privacy bill cherry-picks provisions from other state laws, proposals and even the European Union. For companies that do business across state lines, the result is confusion and legal risk. Michigan should be urging Congress to enact a uniform federal privacy standard, not adding to the chaos.
  • Consumers deserve clarity, not confusion: Most consumers want simple, meaningful protections — not a maze of privacy notices, opt-in boxes, and jargon-filled forms. SB 359 bill creates rights that sound good on paper but are difficult to use in practice.

Data breach:

  • Under Michigan’s current data breach law, businesses must notify consumers if their unencrypted personal data is accessed by unauthorized actors. While that’s a reasonable expectation, the proposed legislative changes would dramatically broaden the scope — expanding the types of data covered, tightening timelines for reporting and requiring blanket notification — even in cases where no harm has or is likely to occur.

What’s next: The bills are now sitting on the Senate floor and we are working to gather intel on whether/when the full Senate will vote on them.

Go deeper: Read the MI Chamber’s memos of opposition to data privacy and data breach.

For questions or more information, contact Wendy Block.