119-HR-8652 Journalist Public Summary
119 · HR 8652 YODA
A new House bill, the You Own the Data Act (H.R. 8652), would give people clearer rights to see, move, correct, and delete their online data; require opt-in for tracking cookies; and limit how big platforms and data brokers collect and keep information, with FTC, state, and private enforcement. It’s early in the process—introduced May 4, 2026 and sent to the House Energy and Commerce Committee—and supporters and critics are already eyeing a key trade-off: strong user rights vs. a clause that still lets services require data sharing as a condition of use.
Headline Summary
A privacy bill to give you ownership-style control over your online data—letting you access, fix, delete, and port it—while limiting how big tech and data brokers collect, track, and monetize it.
What It Does
The You Own the Data Act (YODA) says users keep ownership of their personal data and sets nationwide rules for large online services and data brokers. It requires clear privacy notices, easy opt-outs (including a visible icon), opt-in for tracking cookies, faster access to what companies hold, the ability to correct, delete, or download your information, and short retention for browsing and biometric data. It empowers the Federal Trade Commission, state attorneys general, and (for larger firms) individuals to enforce the rules. A notable carve‑out allows a service to require consent to data transfers as a condition of using the service, which critics say could blunt some protections.
- Bans asking you to upload or share your contacts unless both you and those contacts consent in writing.
- Limits collection, use, sharing, and retention to what’s reasonably necessary for the service or for fraud/security—explicitly saying monetization alone isn’t “necessary.”
- Requires opt-in for tracking cookies and guarantees equal service for users who refuse cookie tracking.
- Sets stronger protections for minors by requiring parental consent (where technically feasible) for users under 18.
- Mandates timely breach notices plus remedies like credit monitoring.
Who’s For It
- Sponsor: Rep. Michael Cloud (R–TX).
- Likely privacy and consumer‑protection advocates who want clearer rights to access, delete, and port data, limits on tracking cookies, and shorter data retention.
- Some parents’ and youth‑safety voices, given parental‑consent requirements up to age 18 and limits on biometric and browsing‑history retention.
- State enforcers who gain parallel authority alongside the FTC.
Who’s Against It
- Digital advertising and data‑broker industries, who may argue the bill restricts data flows, adds compliance burdens, and invites litigation via a private right of action with statutory damages.
- Large platforms and app developers concerned that opt‑in cookies, a prominent opt‑out icon, and tight deletion timelines could reduce ad revenue and increase costs—even though the bill still allows “consent‑as‑a‑condition” in some cases.
- Some civil‑liberties and digital‑rights advocates may have mixed views: they support stronger rights but could warn the consent‑as‑a‑condition clause undermines meaningful choice.
- Smaller firms that rely on third‑party tools may worry about pass‑through compliance, although core thresholds target very large operators and data brokers.
What’s Next
As of May 5, 2026, H.R. 8652 was introduced on May 4, 2026 and referred to the House Energy and Commerce Committee. Next steps could include committee hearings, amendments, and a committee vote before any potential House floor action.
Discussion