Rhode Island’s Genetic Information Privacy Act, passed by the Senate on May 6, 2026, aims to give consumers greater control over their genetic data amidst rising concerns about data security. The Senate approved the bill with a unanimous vote of 37-0, following a similarly unanimous passage in the House on April 28, where it received a vote of 68-0.
This legislation responds to the unregulated nature of the direct-to-consumer genetic testing market, which has raised alarms regarding personal data risks. The act mandates that genetic testing companies provide clear privacy policies in plain language, ensuring that consumers fully understand how their information may be used or shared.
Key provisions of the legislation include:
- Explicit consumer consent is required for the collection and use of genetic data.
- The use of ‘dark patterns’—deceptive design practices intended to manipulate users—by genetic testing firms is prohibited.
- Civil penalties for negligent violations can reach up to $1,000, while willful violations may incur fines between $1,000 and $10,000, plus court costs.
According to Sam Zurier, one of the bill’s sponsors, “It protects our genetic information when we send it off to these companies so that they can’t sell it to other people.” Furthermore, Edith Ajello emphasized that “Rhode Islanders deserve to know if their data might be shared or sold, and they should be able to opt out or request that their information be deleted.” This sentiment reflects broader civil rights concerns surrounding personal data management.
Interestingly, this legislative framework draws inspiration from a similar law enacted in California in 2021. As Rhode Island moves forward with this initiative, the implications for both consumers and genetic testing companies remain significant. However, uncertainties linger regarding how effectively these regulations will be enforced and whether they will adequately protect consumer interests.
