After Minneapolis: Why Digital Privacy Matters More Than Ever in Minnesota

Minneapolis changed the conversation about surveillance in America.

When ICE agents killed Renee Macklin Good during an enforcement operation in early 2025, it wasn’t an abstract policy debate anymore. It was a person, in a neighborhood, dead. The shock rippled through the Twin Cities and beyond, forcing millions of Minnesotans to confront a question they’d never had to ask before: how much does the government know about where I am, where I go, and who I talk to?

The answer, for most people, is far more than they realize.

Minnesota’s New Privacy Law

The Minnesota Consumer Data Privacy Act (MCDPA) went into effect on July 31, 2025. It gives residents the right to access, correct, delete, and opt out of the sale of their personal data.

That’s significant. Before the MCDPA, Minnesota residents had no comprehensive legal mechanism to demand companies stop selling their information. Now they do.

Your rights under the MCDPA include the right to know whether a company is processing your data, the right to access it, the right to correct inaccuracies, the right to delete it, the right to data portability, and the right to opt out of targeted advertising, data sales, and profiling.

These rights apply to companies that do business in Minnesota and meet certain data processing thresholds. The Minnesota Attorney General enforces the law.

The Surveillance Landscape

Minnesota’s privacy law addresses commercial data collection. But the surveillance infrastructure that made Minneapolis a flashpoint goes well beyond what any state privacy law covers.

License plate readers. Automated cameras log the plate, time, location, and direction of travel for every vehicle that passes. This data can be searched by law enforcement — and as reporting has shown nationwide, local police have searched these databases on behalf of ICE, despite policies prohibiting it.

Facial recognition. Minneapolis PD has used facial recognition technology in investigations. There are no statewide restrictions on government use of facial recognition in Minnesota, and growing advocacy for change.

Commercial data brokers. Your name, address, phone number, email, employment history, property records, and more are available on hundreds of data broker websites. Anyone — including government agencies — can purchase this data without a warrant.

Phone location data. Your phone broadcasts your location constantly. Government agencies have purchased commercial location databases compiled from app data, effectively tracking people’s movements without obtaining a warrant.

Social media monitoring. Law enforcement agencies monitor public social media posts. In the aftermath of the George Floyd protests in 2020, Minneapolis became a focal point for questions about how social media surveillance is used.

Why This Matters for Everyone

You don’t need to be undocumented to be affected by surveillance infrastructure. These systems collect data on everyone.

If you drive past a license plate reader, your movements are logged. If your face appears in any online photo, it may be indexed in a facial recognition database. If you’ve ever signed up for a service using your real name and address, data brokers have your information.

The question isn’t whether you have “something to hide.” The question is whether you want a detailed record of your daily life available to anyone willing to pay for it or search for it.

What Minnesota Residents Should Do

Step 1: Exercise your MCDPA rights. Submit deletion requests to data brokers. Cite the Minnesota Consumer Data Privacy Act by name. Start with the biggest brokers: Spokeo, BeenVerified, WhitePages, Radaris, TruePeopleSearch, FastPeopleSearch.

Step 2: Run a facial recognition audit. Search yourself on PimEyes, FaceCheck.ID, Google Lens, Yandex, and TinEye. See where your face appears online. If it’s indexed, submit opt-out requests to each database.

Step 3: Check your vehicle exposure. Use DeFlock.me to map license plate readers in your area. Check plate lookup sites and opt out. If you drive a connected car, review data sharing settings in your vehicle’s app.

Step 4: Disable ad tracking on your phone. On iPhone: Settings > Privacy & Security > Tracking > toggle off. On Android: Settings > Privacy > Ads > Delete advertising ID. This stops your phone from broadcasting a unique identifier that can be used to track your movements.

Step 5: Harden your social media. Set profiles to private. Disable facial recognition and tagging features. Remove tagged photos you didn’t consent to. Disconnect linked accounts. Strip EXIF metadata from photos before posting.

Step 6: Use encrypted communications. Signal for messaging. ProtonMail for email. A VPN on public WiFi. These aren’t extreme measures — they’re basic digital hygiene in 2026.

Step 7: Monitor for re-listing. Data brokers re-acquire information continuously. A one-time cleanup isn’t permanent. Check quarterly or set up ongoing monitoring.

The Bigger Picture

Minneapolis didn’t create the surveillance infrastructure. It revealed it. The cameras, the databases, the data brokers, the facial recognition systems — they were already there, quietly collecting data on millions of people.

What changed is that people started asking who has access to that data and what they’re doing with it. The MCDPA is a step toward answering that question. But the law only covers commercial data collection. The surveillance tools that made Minneapolis a flashpoint — license plate readers, facial recognition, location tracking — operate largely outside its scope.

Protecting your privacy means addressing all of these vectors, not just the ones the law covers.