Over the weekend, California Governor Gavin Newsom signed a bill amending the California Consumer Privacy Act, expanding privacy protections to include "neural data."
This type of data would be considered sensitive personal information, similar to geolocation, genetics, and biometric data, which puts neural data on the list of personal data that needs to be strictly protected.
Sean Pauzauskie, chief medical officer at the Neurorights Foundation, hailed the new law as “a huge win” for patients with mental health disorders, as well as consumers who want to use technology to improve their lives.
The NGO has teamed up with a state senator to push for the bill’s passage. Pauzauskie said these privacy protections would help increase trust in advanced neurotechnologies, much of which are coming from California.
California becomes the second US state, after Colorado, to adopt brain data protections similar to what has been done with biometric data like fingerprints.
California’s new law also sends a strong message to the rapidly growing neurotech industry that people’s mental privacy needs to be protected. Jared Genser, legal counsel at the NeuroRights Foundation, called for a nationwide brain data protection law.
The new California law includes important protections, allowing users to understand how their brain data is being collected, limit disclosure, and even request deletion of data. Devices that record or alter neural activity, whether implanted or wearable, will be subject to the law.
Experts have warned about the potential for these devices to tap into people’s thoughts and emotions, raising concerns that they could be used to manipulate thinking or emotions. The NeuroRights Foundation predicts that in the coming years, the sensitivity of neural data will increase along with increased investment in neurotechnology.
Meanwhile, generative AI will increasingly be able to accurately decode this data. Elon Musk, with his Neuralink project, is one of the pioneers in the effort to connect the brain to computers.
