Maryland Online Data Privacy Act
Maryland Online Data Privacy Act, effective 1 Oct 2025 (processing activities + AG enforcement from 1 Apr 2026) — strictest US data-minimisation. Divergences from the Virginia template: (1) collection limited to what is reasonably necessary and proportionate to provide or maintain the specific product/service requested (narrower than VA ‘reasonably necessary'); (2) strict-necessity for sensitive data; (3) outright ban on sale of sensitive data (no opt-in alternative); (4) outright ban on minor data sale and targeted advertising to minors; (5) 1,750ft geofence prohibition near mental-health and reproductive/sexual-health facilities; (6) lowest threshold (35K consumers or 10K with 20%+ revenue from sale); (7) covers most non-profits. AG-only via Maryland Consumer Protection Act ($10K/violation); cure sunsets 1 Apr 2027.
Composition
16 controls currently indexed; participates in 12 cross-framework synthesis clusters.
Participates in synthesis
Each cluster listed below combines this framework's controls with operationally equivalent controls from other frameworks, resolving the overlap into a single audit-defensible specification.
- Automated Decision-Making Technology — pre-use notice, opt-out, access rights
- Children's privacy across US states — heightened protections
- Cloud data privacy lifecycle — CSA CCM v4 DSP control family
- Consent management — capture, modify, withdraw across jurisdictions
- Cross-jurisdiction consumer / Data Principal rights — operational fabric
- Data Protection Impact Assessment / risk assessment for high-risk processing
- GDPR Article 35 DPIA + cross-jurisdiction high-risk assessment
- GDPR data subject rights — Articles 12-22 operational implementation
- PII principal rights — comprehensive ISO 27701-anchored programme
- Processor / service provider contract requirements across jurisdictions
- Sensitive personal information — heightened protection across jurisdictions
- Universal Opt-Out Mechanism (UOOM) / Global Privacy Control honour across US states