Maryland Online Data Privacy Act of 2024 (MD ODPA)
Comprehensive consumer-privacy statute built around a strict data-minimization model — one of the most protective in the US. Bans sale of sensitive personal data, bars targeted advertising to known minors under 18, and limits data collection to what is reasonably necessary to deliver the product or service.
Key Provisions
What MD ODPA requires
Data minimization: collection limited to what is reasonably necessary for the specific requested product or service
Ban on the sale of sensitive personal data (including data of known minors)
Prohibits targeted advertising to consumers known to be under 18
Bars processing children's data beyond what is necessary to provide the service
Restrictions on third-party tracking and data-broker sharing
Enforcement by the Maryland AG
Rule Categories Covered
Phosra enforcement categories for MD ODPA
Data Minimization Enforce
otherEnforces data minimization enforce rules across connected platforms.
Commercial Data Ban
otherEnforces commercial data ban rules across connected platforms.
Targeted Ad Block
advertisingBlocks behavioral advertising, ad profiling, and retargeting for minor users across connected platforms.
Third Party Tracker Block
otherEnforces third party tracker block rules across connected platforms.
Platforms Affected
Platforms covered by MD ODPA
MCP Enforcement
Enforce MD ODPA with a single API call
// Enforce MD ODPA compliance
tool: trigger_child_enforcement
input: {
child_id: "ch_emma_01",
law: "MD_ODPA",
rules: [
"data_minimization_enforce",
"commercial_data_ban",
"targeted_ad_block",
"third_party_tracker_block"]
}
→ all enforcement applied ✓
Start building MD ODPA-compliant features today
Phosra handles the complexity of multi-platform compliance so you can focus on building great products for families.