Thanks to poor federal regulations, it’s up to each individual state to protect their residents’ data. Recently, Maine’s State Senate passed a landmark bill that will look out for people’s internet privacy.

Your internet service providers (ISPs) have a lot more information on you than you might think. Your internet history (including the sites you visit, how often, location data, etc.) can tell a lot about you as an individual.

Maine’s new bill — LD 946  —now requires that ISPs get people’s consent before selling or offering access to their private data.

In a blog post, the American Civil Liberties Union (ACLU) Maine noted:

“The personal information ISPs collect and sell is increasingly being used by advertisers to discriminate against certain communities. Advertisers and data brokers are increasingly using data to decide what prices to advertise to someone, the content they should steer them to, and even the types of loans to offer them.”

Although this bill is important, it’s not necessarily new. Essentially, it’s restoring protections enacted by the Federal Communications Commission (FCC), which Congress overturned in 2016.

“Today, the Maine legislature did what the United States Congress has thus far failed to do and voted to put consumer privacy before corporate profits. Nobody should have to choose between using the Internet and protecting their own data,” Oamshri Amarasingham, advocacy director at the ACLU of Maine said. “Lest we forget, internet providers work for us. We pay them – a lot – for their services, and it is outrageous that they would turn around and sell our most private information without our consent.”

The bill still has to be approved by Maine’s governor — Janet Mills — but this is an important start for protecting people’s privacy that could influence other states across the nation.