CA Gov. Jerry Brown signs law to give consumers broad privacy rights

Because Mark Zuckerberg lied and Facebook, Google and others lied about stealing, then sending private information on web viewers, the Confederate State of California has taken action.  No longer will it be legal for them to collect and sell your private data without permission.  The key word is “legal”.  That does not mean they will not find another method of doing so—and they will.  Then we will go through this all over again.  That is what happens in a world of monopolies, government has not control.

“The bill — AB 375, or the California Consumer Privacy Act — turns the tech world’s business model on its head by letting regular internet users ask for the data a company has collected on them and whom the data has been sold to. That alone could be eye-opening for consumers. Most people understand their online activity is being tracked for targeted advertising, but we don’t have a broad understanding of what data’s being used.

Consumers could ask for a detailed list under this bill, which is sponsored by Assembly member Ed Chou and Sen. Robert Hertzberg, both Democrats. Couple that with the ability to say, “Hey, stop that,” and we could be on the brink of a major shift in how internet companies do business. The bill will take effect at the beginning of 2020, and the bill’s sponsors say that in the meantime they’ll work with the attorney general’s office to develop a plan to enforce the law.”

The FBI and the DOJ won’t give congress the information it requests, why would you believe anything Facebook or Google gives you?  Think it will be complete and accurate?  Who will know?  Nice law, makes people feel good—worthless as policy.  Another Sacramento scam on the people of the former Golden State.

facebook

CA Gov. Jerry Brown signs law to give consumers broad privacy rights

The law gives Californians increased control over their personal data, and one less thing to vote on in November.

by Laura Hautala, CNET,  6/28/18 

 

A major privacy bill signed into law in California on Thursday is poised to reshape how Silicon Valley does business. When the law goes into effect, people living in the Golden State can tell companies to stop collecting or selling their personal data.

In two votes Thursday, the state’s Senate and Assembly both passed the bill unanimously, and Gov. Jerry Brown signed it within a matter of hours. The rush to pass the bill comes courtesy of an even stricter voter initiative that would’ve appeared on California ballots this November if lawmakers hadn’t gotten the bill through by 5 p.m. PT Thursday. Thursday is the state’s deadline for withdrawing a ballot measure for the November election.

Privacy advocates cheered the new law. Marc Rotenberg, executive director of the Electronic Privacy Information Center, said the law means privacy could become an issue that impacts the upcoming midterm elections.

“This is a milestone moment for privacy law in the United States,” Rotenberg said in a statement. “The California Privacy Act sends a powerful message that people care about privacy and that lawmakers will act.”

The Internet Association, a lobbying group representing major tech companies including Facebook, Google, Uber, Amazon and Microsoft, said in a statement there wasn’t enough public debate about the bill.

“It is critical going forward that policymakers work to correct the inevitable, negative policy and compliance ramifications this last-minute deal will create for California’s consumers and businesses alike,” the group said in a statement.

The bill — AB 375, or the California Consumer Privacy Act — turns the tech world’s business model on its head by letting regular internet users ask for the data a company has collected on them and whom the data has been sold to. That alone could be eye-opening for consumers. Most people understand their online activity is being tracked for targeted advertising, but we don’t have a broad understanding of what data’s being used.

Consumers could ask for a detailed list under this bill, which is sponsored by Assembly member Ed Chou and Sen. Robert Hertzberg, both Democrats. Couple that with the ability to say, “Hey, stop that,” and we could be on the brink of a major shift in how internet companies do business. The bill will take effect at the beginning of 2020, and the bill’s sponsors say that in the meantime they’ll work with the attorney general’s office to develop a plan to enforce the law.

Sen. Bill Dodd, a Democrat from Napa, co-authored the bill and said Thursday that he was proud of the legislature’s quick action to get it passed. He’s especially happy with a provision that requires companies to get opt-in agreements to collect data on anyone younger than 16.

The push to pass a California privacy law comes as data privacy scandals have brought the anger of lawmakers and regulators down on Silicon Valley. Facebook CEO Mark Zuckerberg faced questioning from US lawmakers as well as the European Parliament in the wake of revelations that personal information from 87 million Facebook users leaked to UK political consultancy Cambridge Analytica. Other privacy scandals, including the revelation last year that email organizing service Unroll.Me was collecting and selling user information, as well as news Wednesday of a leak of 340 million records from marketing firm Exactis, have shown just how easily user data can spread across the marketplace in ways consumers don’t expect.

Questions about how new laws and regulations could better protect consumers from these kinds of situations emerged just as the European Union rolled out new privacy regulations for its citizens. The US doesn’t have a similar law at the federal level. Not even the new California law matches the protections the EU put in place in May, but it does include some of the same rights.

Dodd said in a statement that the law puts California at the forefront of improving privacy rights in the US, adding, “My hope is other states will follow, ensuring privacy and safeguarding personal information in a way the federal government has so far been unwilling to do.

A strange path to regulation

Silicon Valley hasn’t been eager for new privacy regulations, but in a strange twist, tech companies didn’t fight this bill — and some openly supported it. That’s likely because a ballot measure, cleared for a vote in California this fall, would’ve been even harder on tech companies collecting personal information. The initiative was more detailed in what it forces companies to disclose, and it demanded higher fines for law breakers.

Tech giants Google, Microsoft, Amazon, Uber and Facebook, as well as internet service providers Comcast, Cox, Verizon and AT&T, had already started lining up against the ballot initiative. Some donated to the Committee to Protect California Jobs, an independent expenditure committee that opposes the ballot initiative.

Companies should be held to high standards in explaining what data they have and how they use it.”

Will Castleberry, VP of state and local public policy, Facebook

The campaign to get the initiative on the ballot was funded by Bay Area real estate developer Alastair MacTaggart, who donated $1.6 million to the effort. MacTaggart said at a press conference after the bill’s signing that the campaign spoke with several experts, including people from the ACLU, Electronic Frontier Foundation and UC Berkeley, in developing the ballot measure. He also said his campaign had been ready to support the ballot measure through the November election if necessary.

The Committee to Protect California Jobs declined to comment on the law passed Thursday.

Before Thursday’s votes, a Facebook official said in a statement that the company supported the bill.

“People should be in control of their information online and companies should be held to high standards in explaining what data they have and how they use it, especially when they sell data,” said Will Castleberry, Facebook’s vice president of state and local public policy, who emphasized that the company doesn’t sell user data. “In that spirit, while not perfect, we support AB375 and look forward to working with policymakers on an approach that protects consumers and promotes responsible innovation.”

Not quite the GDPR

The rights in the new law are similar to some sections of the European Union’s new privacy law, the General Data Privacy Regulation, or GDPR, minus some important provisions. For one thing, it doesn’t enact a set deadline for notifying consumers of a data breach, which the GDPR does.

What’s more, the GDPR creates the possibility of enormous fines — potentially exceeding 40 million euros ($46.26 million) — for companies found in violation, and calls for a dedicated authority to enforce the law in each EU member state. The law passed in California does neither of those things.

Damages paid to consumers top out at $750 per person in each instance where the law is violated, and the highest penalty per violation that can be levied against companies is $7,500.

The California attorney general would be in charge of deciding whether to pursue legal action against companies for violating the law. Individual consumers can still sue under the law even if the attorney general doesn’t pursue the case.

That means there could be investigations from the attorney general’s office, as well as proposed class actions filed by lawyers against tech giants, if consumers believe companies are violating the rights in the law.

At the press conference after the bill’s signing, MacTaggart said California’s new law was only the beginning. “I feel like we have made a great stride forward for the country,” he said. “If it happened here, it will happen in the rest of the country.”

About Stephen Frank

Stephen Frank is the publisher and editor of California Political News and Views. He speaks all over California and appears as a guest on several radio shows each week. He has also served as a guest host on radio talk shows. He is a fulltime political consultant.