:

MARYLAND BANS SURVEILLANCE PRICING IN GROCERY STORES

SECURITY DESK1 MIN READ
FRI, MAY 22, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Maryland has become the first U.S. state to prohibit surveillance pricing—the practice of using personal data to charge different prices to different customers. The law restricts retailers from employing facial recognition, purchase history, and other tracking methods to set individualized prices.

The legislation targets dynamic pricing based on consumer surveillance, a growing practice in retail where companies use AI and data analytics to optimize prices for individual shoppers. Grocers have increasingly adopted such systems to maximize revenue, sometimes charging loyal customers higher prices based on their shopping patterns. Mariland's ban applies specifically to grocery stores and requires retailers to offer uniform pricing across customer segments. The law includes exceptions for loyalty programs and promotional discounts offered broadly to shoppers. Proponents argue the measure protects consumers from unfair pricing practices, while retailers have raised concerns about operational impacts. The legislation reflects broader regulatory scrutiny of surveillance capitalism and algorithmic pricing in consumer markets. Other states are monitoring Maryland's approach as privacy advocates push for similar restrictions nationally. Implementation details and enforcement mechanisms remain under development as the law moves toward full effect.

■ SOURCES

Hacker News

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

7H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.