Back to Utah

HB0357 • 2026

Amendments to Motor Vehicle Data Privacy

Amendments to Motor Vehicle Data Privacy

Privacy
Enacted

This bill passed the Legislature and reached final enactment based on the latest official action.

Sponsor
Rep. Chevrier, Kristen
Last action
2026-03-19
Official status
Governor Signed
Effective date
Not listed

Plain English Breakdown

Using official source text because the generated explanation was unavailable or could not be confirmed against the official bill text.

Amendments to Motor Vehicle Data Privacy

This bill modifies the Utah Consumer Privacy Act relating to motor vehicle data privacy.

What This Bill Does

  • This bill modifies the Utah Consumer Privacy Act relating to motor vehicle data privacy.

Limits and Unknowns

  • This entry is temporarily using official source text because the generated explanation could not be confirmed against the official bill text during the last sync.

Bill History

  1. 2026-03-19 Lieutenant Governor's office for filing

    Governor Signed

  2. 2026-03-16 Clerk of the House

    House/ received enrolled bill from Printing

  3. 2026-03-16 Executive Branch - Governor

    House/ to Governor

  4. 2026-03-12 Clerk of the House

    Enrolled Bill Returned to House or Senate

  5. 2026-03-12 Clerk of the House

    House/ enrolled bill to Printing

  6. 2026-03-11 Legislative Research and General Counsel / Enrolling

    Bill Received from House for Enrolling

  7. 2026-03-11 Legislative Research and General Counsel / Enrolling

    Draft of Enrolled Bill Prepared

  8. 2026-03-11 House Speaker

    House/ received from Senate

  9. 2026-03-11 Legislative Research and General Counsel / Enrolling

    House/ signed by Speaker/ sent for enrolling

  10. 2026-03-10 Senate President

    Senate/ received from House

  11. 2026-03-10 House Speaker

    Senate/ signed by President/ returned to House

  12. 2026-03-10 House Speaker

    Senate/ to House

  13. 2026-03-06 Senate President

    House/ concurs with Senate amendment

  14. 2026-03-06 House Concurrence Calendar

    House/ placed on Concurrence Calendar

  15. 2026-03-06 Clerk of the House

    House/ received from Senate

  16. 2026-03-06 Senate President

    House/ to Senate

  17. 2026-03-06 Senate 2nd Reading Calendar

    Senate/ 2nd & 3rd readings/ suspension

  18. 2026-03-06 Senate 2nd Reading Calendar

    Senate/ Rules to 2nd Reading Calendar

  19. 2026-03-06 Clerk of the House

    Senate/ passed 2nd & 3rd readings/ suspension

  20. 2026-03-06 Clerk of the House

    Senate/ to House with amendments

  21. 2026-03-04 Senate Rules Committee

    Senate/ 2nd Reading Calendar to Rules

  22. 2026-03-03 Released

    LFA/ fiscal note publicly available for HB0357S01

  23. 2026-03-03 Version Sponsor

    LFA/ fiscal note sent to sponsor for HB0357S01

  24. 2026-02-26 Senate Transportation, Public Utilities, Energy, and Technology Committee

    Senate Comm - Amendment Recommendation

  25. 2026-02-26 Senate Transportation, Public Utilities, Energy, and Technology Committee

    Senate Comm - Favorable Recommendation

  26. 2026-02-26 Senate Transportation, Public Utilities, Energy, and Technology Committee

    Senate/ comm rpt/ amended

  27. 2026-02-26 Senate 2nd Reading Calendar

    Senate/ placed on 2nd Reading Calendar

  28. 2026-02-24 Senate Transportation, Public Utilities, Energy, and Technology Committee

    Senate/ to standing committee

  29. 2026-02-23 Senate Rules Committee

    Senate/ 1st reading (Introduced)

  30. 2026-02-20 Senate Secretary

    House/ to Senate

  31. 2026-02-20 Waiting for Introduction in the Senate

    Senate/ received from House

  32. 2026-02-19 House 3rd Reading Calendar for House bills

    House/ 3rd reading

  33. 2026-02-19 House Docket Clerk

    House/ held

  34. 2026-02-19 Senate Secretary

    House/ passed 3rd reading

  35. 2026-02-13 Released

    LFA/ fiscal note publicly available for HB0357S01

  36. 2026-02-12 House 3rd Reading Calendar for House bills

    House/ 2nd reading

  37. 2026-02-12 House Transportation Committee

    House/ comm rpt/ substituted

  38. 2026-02-11 House Transportation Committee

    House Comm - Favorable Recommendation

  39. 2026-02-11 House Transportation Committee

    House Comm - Substitute Recommendation

  40. 2026-02-11 Version Sponsor

    LFA/ fiscal note sent to sponsor for HB0357S01

  41. 2026-02-06 Legislative Fiscal Analyst

    LFA/ bill assigned to staff for fiscal analysis for HB0357S01

  42. 2026-02-06 Legislative Fiscal Agency

    LFA/ bill sent to agencies for fiscal input for HB0357S01

  43. 2026-02-04 House Transportation Committee

    House/ to standing committee

  44. 2026-02-02 Released

    LFA/ fiscal note publicly available for HB0357

  45. 2026-01-28 Version Sponsor

    LFA/ fiscal note sent to sponsor for HB0357

  46. 2026-01-26 House Rules Committee

    House/ 1st reading (Introduced)

  47. 2026-01-26 Clerk of the House

    House/ received bill from Legislative Research

  48. 2026-01-23 Legislative Research and General Counsel

    Bill Numbered but not Distributed

  49. 2026-01-23 Legislative Fiscal Analyst

    LFA/ bill assigned to staff for fiscal analysis for HB0357

  50. 2026-01-23 Legislative Fiscal Agency

    LFA/ bill sent to agencies for fiscal input for HB0357

  51. 2026-01-23 Legislative Research and General Counsel

    Numbered Bill Publicly Distributed

Official Summary Text

This bill modifies the Utah Consumer Privacy Act relating to motor vehicle data privacy.

Current Bill Text

Read the full stored bill text
22
13-61-101
13-61-102
13-61-501
13-61-502
13-61-503
13-61-504
13-61-101
13-61-102
13-61-501
13-61-502
13-61-503
13-61-504
0
Amendments to Motor Vehicle Data Privacy
2026 GENERAL SESSION
STATE OF UTAH
Chief Sponsor: Kristen Chevrier
Senate Sponsor: Wayne A. Harper
LONG TITLE
General Description:
This bill modifies the Utah Consumer Privacy Act relating to motor vehicle data privacy.
Highlighted Provisions:
This bill:
defines terms;
applies the Utah Consumer Privacy Act to motor vehicle manufacturers;
requires in-vehicle privacy controls for certain motor vehicles;
exempts certain safety and operational data from consent requirements; and
requires the Motor Vehicle Division to provide information to consumers regarding motor
vehicle data privacy rights.
Money Appropriated in this Bill:
None
Other Special Clauses:
This bill provides a special effective date.
Utah Code Sections Affected:
AMENDS:
13-61-101
, as last amended by Laws of Utah 2024, Chapter 186
13-61-102
, as last amended by Laws of Utah 2024, Chapter 381
ENACTS:
13-61-501
, Utah Code Annotated 1953
13-61-502
, Utah Code Annotated 1953
13-61-503
, Utah Code Annotated 1953
13-61-504
, Utah Code Annotated 1953
Be it enacted by the Legislature of the state of Utah:
Section 1. Section
13-61-101
is amended to read:
13-61-101
. Definitions.
As used in this chapter:
(1)
"Account" means the Consumer Privacy Restricted Account established in Section
13-61-403
.
(2)
"Affiliate" means an entity that:
(a)
controls, is controlled by, or is under common control with another entity; or
(b)
shares common branding with another entity.
(3)
"Aggregated data" means information that relates to a group or category of consumers:
(a)
from which individual consumer identities have been removed; and
(b)
that is not linked or reasonably linkable to any consumer.
(4)
"Air carrier" means the same as that term is defined in 49 U.S.C. Sec. 40102.
(5)
"Authenticate" means to use reasonable means to determine that a consumer's request to
exercise the rights described in Section
13-61-201
is made by the consumer who is
entitled to exercise those rights.
(6)
(a)
"Biometric data" means data generated by automatic measurements of an
individual's unique biological characteristics.
(b)
"Biometric data" includes data described in Subsection
(6)(a)
that are generated by
automatic measurements of an individual's fingerprint, voiceprint, eye retinas, irises,
or any other unique biological pattern or characteristic that is used to identify a
specific individual.
(c)
"Biometric data" does not include:
(i)
a physical or digital photograph;
(ii)
a video or audio recording;
(iii)
data generated from an item described in Subsection
(6)(c)(i)
or
(ii)
;
(iv)
information captured from a patient in a health care setting; or
(v)
information collected, used, or stored for treatment, payment, or health care
operations as those terms are defined in 45 C.F.R. Parts 160, 162, and 164.
(7)
"Business associate" means the same as that term is defined in 45 C.F.R. Sec. 160.103.
(8)
"Child" means an individual younger than 13 years old.
(9)
"Consent" means an affirmative act by a consumer that unambiguously indicates the
consumer's voluntary and informed agreement to allow a person to process personal data
related to the consumer.
(10)
(a)
"Consumer" means an individual who is a resident of the state acting in an
individual or household context.
(b)
"Consumer" does not include an individual acting in an employment or commercial
context.
(11)
"Control" or "controlled" as used in Subsection
(2)
means:
(a)
ownership of, or the power to vote, more than 50% of the outstanding shares of any
class of voting securities of an entity;
(b)
control in any manner over the election of a majority of the directors or of the
individuals exercising similar functions; or
(c)
the power to exercise controlling influence of the management of an entity.
(12)
"Controller" means a person doing business in the state who determines the purposes
for which and the means by which personal data are processed, regardless of whether the
person makes the determination alone or with others.
(13)
"Covered entity" means the same as that term is defined in 45 C.F.R. Sec. 160.103.
(14)
(a)
"Deidentified data" means data that:
(i)
cannot reasonably be linked to an identified individual or an identifiable
individual; and
(ii)
are possessed by a controller who:
(A)
takes reasonable measures to ensure that a person cannot associate the data
with an individual;
(B)
publicly commits to maintain and use the data only in deidentified form and
not attempt to reidentify the data; and
(C)
contractually obligates any recipients of the data to comply with the
requirements described in
Subsections (14)(b)(i) and (ii).
this Subsection
(14)(a)
.
(b)
"Deidentified data" includes synthetic data.
(15)
"Director" means the director of the Division of Consumer Protection.
(16)
"Division" means the Division of Consumer Protection created in Section
13-2-1
.
(17)
"Governmental entity" means the same as that term is defined in Section
63G-2-103
.
(18)
"Health care facility" means the same as that term is defined in Section
26B-2-201
.
(19)
"Health care provider" means the same as that term is defined in Section
78B-3-403
.
(20)
"Identifiable individual" means an individual who can be readily identified, directly or
indirectly.
(21)
"Institution of higher education" means a public or private institution of higher
education.
(22)
"Local political subdivision" means the same as that term is defined in Section
11-14-102
.
(23)
"Motor vehicle" means the same as that term is defined in Section
41-1a-102
.
(24)
"Motor vehicle manufacturer" means a person who manufactures or assembles motor
vehicles for sale or lease.
(25)
"Nonprofit corporation" means:
(a)
the same as that term is defined in Section
16-6a-102
; or
(b)
a foreign nonprofit corporation as defined in Section
16-6a-102
.
(24)
(26)
(a)
"Personal data" means information that is linked or reasonably linkable to
an identified individual or an identifiable individual.
(b)
"Personal data" does not include deidentified data, aggregated data, or publicly
available information.
(25)
(27)
"Process" means an operation or set of operations performed on personal data,
including collection, use, storage, disclosure, analysis, deletion, or modification of
personal data.
(26)
(28)
"Processor" means a person who processes personal data on behalf of a
controller.
(27)
(29)
"Protected health information" means the same as that term is defined in 45
C.F.R. Sec. 160.103.
(28)
(30)
"Pseudonymous data" means personal data that cannot be attributed to a specific
individual without the use of additional information, if the additional information is:
(a)
kept separate from the consumer's personal data; and
(b)
subject to appropriate technical and organizational measures to ensure that the
personal data are not attributable to an identified individual or an identifiable
individual.
(29)
(31)
"Publicly available information" means information that a person:
(a)
lawfully obtains from a record of a governmental entity;
(b)
reasonably believes a consumer or widely distributed media has lawfully made
available to the general public; or
(c)
if the consumer has not restricted the information to a specific audience, obtains from
a person to whom the consumer disclosed the information.
(30)
(32)
"Right" means a consumer right described in Section
13-61-201
.
(31)
(33)
(a)
"Sale," "sell," or "sold" means the exchange of personal data for monetary
consideration by a controller to a third party.
(b)
"Sale," "sell," or "sold" does not include:
(i)
a controller's disclosure of personal data to a processor who processes the personal
data on behalf of the controller;
(ii)
a controller's disclosure of personal data to an affiliate of the controller;
(iii)
considering the context in which the consumer provided the personal data to the
controller, a controller's disclosure of personal data to a third party if the purpose
is consistent with a consumer's reasonable expectations;
(iv)
the disclosure or transfer of personal data when a consumer directs a controller to:
(A)
disclose the personal data; or
(B)
interact with one or more third parties;
(v)
a consumer's disclosure of personal data to a third party for the purpose of
providing a product or service requested by the consumer or a parent or legal
guardian of a child;
(vi)
the disclosure of information that the consumer:
(A)
intentionally makes available to the general public via a channel of mass
media; and
(B)
does not restrict to a specific audience; or
(vii)
a controller's transfer of personal data to a third party as an asset that is part of a
proposed or actual merger, an acquisition, or a bankruptcy in which the third party
assumes control of all or part of the controller's assets.
(32)
(34)
(a)
"Sensitive data" means:
(i)
personal data that reveals:
(A)
an individual's racial or ethnic origin;
(B)
an individual's religious beliefs;
(C)
an individual's sexual orientation;
(D)
an individual's citizenship or immigration status; or
(E)
information regarding an individual's medical history, mental or physical
health condition, or medical treatment or diagnosis by a health care
professional;
(ii)
the processing of genetic personal data or biometric data, if the processing is for
the purpose of identifying a specific individual; or
(iii)
specific geolocation data.
(b)
"Sensitive data" does not include personal data that reveals an individual's:
(i)
racial or ethnic origin, if the personal data are processed by a video
communication service; or
(ii)
if the personal data are processed by a person licensed to provide health care
under Title 26B, Chapter 2, Part 2, Health Care Facility Licensing and Inspection,
or Title 58, Occupations and Professions, information regarding an individual's
medical history, mental or physical health condition, or medical treatment or
diagnosis by a health care professional.
(33)
(35)
(a)
"Specific geolocation data" means information derived from technology,
including global position system level latitude and longitude coordinates, that directly
identifies an individual's specific location, accurate within a radius of 1,750 feet or
less.
(b)
"Specific geolocation data" does not include:
(i)
the content of a communication; or
(ii)
any data generated by or connected to advanced utility metering infrastructure
systems or equipment for use by a utility.
(34)
(36)
"Synthetic data" means data that has been generated by computer algorithms or
statistical models and does not contain personal data.
(35)
(37)
(a)
"Targeted advertising" means displaying an advertisement to a consumer
where the advertisement is selected based on personal data obtained from the
consumer's activities over time and across nonaffiliated websites or online
applications to predict the consumer's preferences or interests.
(b)
"Targeted advertising" does not include advertising:
(i)
based on a consumer's activities within a controller's website or online application
or any affiliated website or online application;
(ii)
based on the context of a consumer's current search query or visit to a website or
online application;
(iii)
directed to a consumer in response to the consumer's request for information,
product, a service, or feedback; or
(iv)
processing personal data solely to measure or report advertising:
(A)
performance;
(B)
reach; or
(C)
frequency.
(36)
(38)
"Third party" means a person other than:
(a)
the consumer, controller, or processor; or
(b)
an affiliate or contractor of the controller or the processor.
(37)
(39)
"Trade secret" means information, including a formula, pattern, compilation,
program, device, method, technique, or process, that:
(a)
derives independent economic value, actual or potential, from not being generally
known to, and not being readily ascertainable by proper means by, other persons who
can obtain economic value from the information's disclosure or use; and
(b)
is the subject of efforts that are reasonable under the circumstances to maintain the
information's secrecy.
(40)
"Vehicle data collection system" means a technology system or device installed in or
on a motor vehicle that collects, transmits, or stores a consumer or occupant's personal
data.
Section 2. Section
13-61-102
is amended to read:
13-61-102
. Applicability.
(1)
This chapter applies to
:
(a)

any controller or processor who:
(a)
(i)
(i)
(A)
conducts business in the state; or
(ii)
(B)
produces a product or service that is targeted to consumers who are
residents of the state;
(b)
(ii)
has annual revenue of $25,000,000 or more; and
(c)
(iii)
satisfies one or more of the following thresholds:
(i)
(A)
during a calendar year, controls or processes personal data of 100,000 or
more consumers; or
(ii)
(B)
derives over 50% of the entity's gross revenue from the sale of personal
data and controls or processes personal data of 25,000 or more consumers
.
; or
(b)
a motor vehicle manufacturer who:
(i)
manufactures motor vehicles that are sold or leased in the state; and
(ii)
collects, transmits, or stores personal data through a vehicle data collection
system.
(2)
This chapter does not apply to:
(a)
a governmental entity or a third party under contract with a governmental entity
when the third party is acting on behalf of the governmental entity;
(b)
a tribe;
(c)
an institution of higher education;
(d)
a nonprofit corporation;
(e)
a covered entity;
(f)
a business associate;
(g)
information that meets the definition of:
(i)
protected health information for purposes of the federal Health Insurance
Portability and Accountability Act of 1996, 42 U.S.C. Sec. 1320d et seq., and
related regulations;
(ii)
patient identifying information for purposes of 42 C.F.R. Part 2;
(iii)
identifiable private information for purposes of the Federal Policy for the
Protection of Human Subjects, 45 C.F.R. Part 46;
(iv)
identifiable private information or personal data collected as part of human
subjects research pursuant to or under the same standards as:
(A)
the good clinical practice guidelines issued by the International Council for
Harmonisation; or
(B)
the Protection of Human Subjects under 21 C.F.R. Part 50 and Institutional
Review Boards under 21 C.F.R. Part 56;
(v)
personal data used or shared in research conducted in accordance with one or
more of the requirements described in Subsection
(2)(g)(iv)
;
(vi)
information and documents created specifically for, and collected and maintained
by, a committee but not a board or council listed in Section
26B-1-204
;
(vii)
information and documents created for purposes of the federal Health Care
Quality Improvement Act of 1986, 42 U.S.C. Sec. 11101 et seq., and related
regulations;
(viii)
patient safety work product for purposes of 42 C.F.R. Part 3; or
(ix)
information that is:
(A)
deidentified in accordance with the requirements for deidentification set forth
in 45 C.F.R. Part 164; and
(B)
derived from any of the health care-related information listed in this
Subsection
(2)(g)
;
(h)
information originating from, and intermingled to be indistinguishable with,
information under Subsection
(2)(g)
that is maintained by:
(i)
a health care facility or health care provider; or
(ii)
a program or a qualified service organization as defined in 42 C.F.R. Sec. 2.11;
(i)
information used only for public health activities and purposes as described in 45
C.F.R. Sec. 164.512;
(j)
(i)
an activity by:
(A)
a consumer reporting agency, as defined in 15 U.S.C. Sec. 1681a;
(B)
a furnisher of information, as set forth in 15 U.S.C. Sec. 1681s-2, who
provides information for use in a consumer report, as defined in 15 U.S.C. Sec.
1681a; or
(C)
a user of a consumer report, as set forth in 15 U.S.C. Sec. 1681b;
(ii)
subject to regulation under the federal Fair Credit Reporting Act, 15 U.S.C. Sec.
1681 et seq.; and
(iii)
involving the collection, maintenance, disclosure, sale, communication, or use of
any personal data bearing on a consumer's:
(A)
credit worthiness;
(B)
credit standing;
(C)
credit capacity;
(D)
character;
(E)
general reputation;
(F)
personal characteristics; or
(G)
mode of living;
(k)
a financial institution or an affiliate of a financial institution governed by, or personal
data collected, processed, sold, or disclosed in accordance with, Title V of the
Gramm-Leach-Bliley Act, 15 U.S.C. Sec. 6801 et seq., and related regulations;
(l)
personal data collected, processed, sold, or disclosed in accordance with the federal
Driver's Privacy Protection Act of 1994, 18 U.S.C. Sec. 2721 et seq.;
(m)
personal data regulated by the federal Family Education Rights and Privacy Act, 20
U.S.C. Sec. 1232g, and related regulations;
(n)
personal data collected, processed, sold, or disclosed in accordance with the federal
Farm Credit Act of 1971, 12 U.S.C. Sec. 2001 et seq.;
(o)
data that are processed or maintained:
(i)
in the course of an individual applying to, being employed by, or acting as an
agent or independent contractor of a controller, processor, or third party, to the
extent the collection and use of the data are related to the individual's role;
(ii)
as the emergency contact information of an individual described in Subsection
(2)(o)(i)
and used for emergency contact purposes; or
(iii)
to administer benefits for another individual relating to an individual described in
Subsection
(2)(o)(i)
and used for the purpose of administering the benefits;
(p)
an individual's processing of personal data for purely personal or household
purposes; or
(q)
an air carrier.
(3)
A controller is in compliance with any obligation to obtain parental consent under this
chapter if the controller complies with the verifiable parental consent mechanisms under
the Children's Online Privacy Protection Act, 15 U.S.C. Sec. 6501 et seq., and the act's
implementing regulations and exemptions.
(4)
This chapter does not require a person to take any action in conflict with the federal
Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. Sec. 1320d et
seq., or related regulations.
Section 3. Section
13-61-501
is enacted to read:
5. Motor Vehicle Data Privacy
13-61-501
. Definitions.
As used in this part:
(1)
"Connected device" means a consumer's mobile phone, tablet, or similar personal
electronic device that connects to a motor vehicle through the in-vehicle interface for
purposes of accessing the device's applications, contacts, or other data through the
vehicle's display.
(2)
"In-vehicle interface" means a display screen, control panel, or other interactive system
in a motor vehicle through which an individual may access or control motor vehicle
functions or settings.
(3)
"Readily accessible data" means personal data that:
(a)
a consumer directly inputs into or provides to the motor vehicle from a connected
device through a motor vehicle's in-vehicle interface; and
(b)
is stored locally on the motor vehicle and accessible through the in-vehicle interface.
Section 4. Section
13-61-502
is enacted to read:
13-61-502
. Motor vehicle manufacturer requirements.
(1)
Except as provided in Subsection
(2)
, a motor vehicle manufacturer shall, for a motor
vehicle with a model year 2030 or later, provide in-vehicle privacy controls that allow a
consumer to:
(a)
view the categories of personal data the vehicle data collection system collects;
(b)
view the categories of third parties with whom the motor vehicle manufacturer
shares personal data;
(c)
opt out of the sale of personal data or processing for targeted advertising; and
(d)
delete readily accessible data.
(2)
A motor vehicle manufacturer is not required to comply with Subsection
(1)
for a
specific motor vehicle model if the manufacturer demonstrates that the model is not
technologically capable of providing the privacy controls described in Subsection
(1)
.
(3)
A motor vehicle manufacturer shall make the in-vehicle privacy controls described in
Subsection
(1)
:
(a)
accessible through the motor vehicle's in-vehicle interface;
(b)
accessible to any individual operating the motor vehicle; and
(c)
clearly labeled and easy to locate within the in-vehicle interface.
(4)
The settings selected by a consumer using the in-vehicle privacy controls shall remain
in effect until the consumer changes the settings.
(5)
A motor vehicle manufacturer may provide the consumer with access to privacy
controls through a website or mobile application in addition to the in-vehicle privacy
controls required by this section, but may not require the consumer to use a website or
mobile application to exercise the rights described in this section.
(6)
If a motor vehicle manufacturer receives a court order requiring deletion or a request
that includes a copy of a legally issued protective order, the motor vehicle manufacturer
shall delete all personal data within five business days after the day on which the motor
vehicle manufacturer receives the court order or request.
Section 5. Section
13-61-503
is enacted to read:
13-61-503
. Exemptions for motor vehicle manufacturers.
(1)
A motor vehicle manufacturer may collect personal data for the purpose of improving
the motor vehicle manufacturer's product if the motor vehicle manufacturer:
(a)
collects only the minimum personal data necessary to accomplish the purpose; and
(b)
uses the personal data only for internal product improvement purposes.
(2)
Personal data collected in accordance with Subsection
(1)
is not subject to the consent
requirements of Section
13-61-302
.
(3)
Section
13-61-302
does not apply to personal data that a vehicle data collection system:
(a)
collects solely for the purpose of:
(i)
vehicle safety, including airbag deployment, operational safety, passenger safety,
collision avoidance, or other safety features required by federal law;
(ii)
vehicle operation, including engine control, battery level, transmission operation,
or other mechanical functions necessary to operate the motor vehicle; or
(iii)
compliance with a federal or state law, rule, or regulation; or
(b)
processes temporarily and does not transmit outside the motor vehicle or store for
longer than necessary.
Section 6. Section
13-61-504
is enacted to read:
13-61-504
. Motor Vehicle Division notification requirements.
The Motor Vehicle Division, created in Section
41-1a-106
, shall provide information on
the division's website regarding the data privacy rights of motor vehicle owners under this part.
Section 7.
Effective Date.
This bill takes effect on
January 1, 2027
.
3-12-26 11:22 AM