Matthew U. Scherer (Center Democracy & Technology) has posted “Legislative Poison Pills, Information Monopolies, and the False Dawn of State Tech Regulation” (44 Quinnipiac L. Rev (forthcoming 2026)) on SSRN. Here is the abstract:
State legislatures have responded to mounting concerns over data privacy and algorithmic decision systems (ADSs) with a flurry of new laws since 2021, but these efforts have largely failed to deliver meaningful oversight. This article argues that these failures stem from a combination of (1) pervasive information asymmetries, sometimes amounting to information monopolies, that define the data economy and (2) four categories of legislative “poison pills” (weak definitions, inadequate disclosure obligations, overbroad exemptions, and insufficient enforcement) that allow corporations to leverage their strong information advantages to avoid accountability.
These legislative poison pills do not arise by accident. Instead, as this article describes, they ultimately stem from bills and amendments drafted by the tech industry and its lobbyists. The true objective of these industry interest groups—to stop states from regulating emerging technologies altogether—was laid bare in the summer of 2025 when technology companies and venture capitalists unsuccessfully pressed Congress to completely ban states from regulating ADSs, AI systems, and AI models.
The combination of information monopolies and legislative poison pills has resulted in a façade of reform that, instead of reining in harmful data economy practices, has allowed them to proliferate. Such toothless legislation is not merely ineffective; it is counterproductive. It enables corporations to further consolidate their information advantages, makes later efforts at regulation more disruptive and difficult, and undermines public confidence in the ability of democratic institutions to serve as effective checks on powerful companies and industries.
The article contends that legislators must purge tech legislation of these poison pills and require disclosures targeting the underlying information asymmetries, which otherwise prevent not only the detection of harm but the ability to determine the risks that data-driven technologies and practices pose to consumers and workers. It further proposes affirmative measures such as whistleblower protections, mandatory reporting, and fiduciary duties to pry open corporate black boxes and address hidden harms from data-driven technologies and practices. Genuine progress will require lawmakers to recognize the scale of corporations’ information advantages and reject the poison pills by seeing them for what they are: an effort by the tech industry to obtain by sleight-of-hand the regulatory free pass that it has so far failed to obtain from Congress.
This article solely represents the views of the author, and not those of the Center for Democracy & Technology.