State privacy overview

Maryland Data Privacy: A Plain-Language Overview

Informational summary · No comprehensive consumer privacy law (as of 2026)
General information — not legal advice. This overview is provided for general educational purposes only and may not reflect the most recent changes in the law. It is not legal advice and does not create any attorney–client relationship. Verify current requirements with the state's official resources and consult qualified counsel before acting.

No comprehensive consumer privacy law (as of 2026)

Status: No broad consumer privacy statute is in effect; businesses must comply with sector-specific laws and general consumer protection standards.

Maryland does not have a single, comprehensive law regulating the collection and sale of all personal data. Instead, the state relies on the Maryland Consumer Protection Act to prohibit deceptive trade practices, alongside specific statutes that strictly regulate Internet Service Providers (ISPs) and certain types of sensitive consumer data. Businesses operating in Maryland must navigate these targeted rules rather than a unified privacy framework.

Rights residents generally have

Who it generally applies to

General consumer protection rules apply broadly to all businesses operating in Maryland; the specific ISP data usage restrictions apply to entities providing internet access services.

What this means for B2B outreach

The general consumer protection statute typically does not apply to B2B transactions. However, strict industry-specific requirements, such as the Maryland Broker Notice of Records Search Act, may mandate disclosure of data breaches involving business or professional records.

Authoritative source: Maryland Office of the Attorney General. Always confirm current requirements there.

Marketing that respects privacy by design

We run permission-based, compliance-minded campaigns with real opt-out handling.

Talk to us

← All state privacy overviews