September 30, 2019
Californians for Consumer Privacy, which led the push for the privacy law that passed in the state, has a new plan to establish a data protection agency to make sure the law is enforced. The goal is to amend the law via a ballot initiative; it will take the valid signatures of more than 620,000 registered voters to put it on the ballot. The California Consumer Privacy Act now gives consumers the right to see what personal data has been collected, to delete it and to prevent companies from selling it.
The New York Times reports that the ballot initiative will also “give Californians the right to opt out of having sensitive details — like their race, ethnicity, precise location, health and financial data — used in advertising or marketing … [and] also require companies that use algorithms to automatically make decisions about insurance and lending to explain their system’s reasoning to consumers.”
“People are waking up to the fact that they’ve lost control of their information and are trying to take that control back,” said Californians for Consumer Privacy founder/board chair Alastair Mactaggart.
But technology companies have been working to pass a less stringent federal law, arguing it is too difficult to comply with a patchwork quilt of state laws. The Internet Association is the trade group leading the push for a federal law; its members include Amazon, Facebook, Google, Microsoft and Uber. California’s newly passed privacy law is “believed to be the most comprehensive state consumer privacy law in the United States.”
Mactaggart, a real estate developer, spearheaded the first initiative with financial industry executive Rick Arney and lawyer Mary Stone Ross, while privacy expert Ashkan Soltani worked on the bill’s technical portions. Because the law was passed through the ballot initiative process, it will be more difficult to change, says NYT.
Mactaggart and his colleagues stated that, regardless of the law’s passage, in the wake of “data-mining failures at Facebook and other tech giants … Californians need stronger rights to control the spread and use of their personal information.”
California voters amended the state constitution in 1972 to add privacy to its list of inalienable rights, and “Mactaggart said he hoped that California would also become the first state to establish an independent data privacy regulator.” In fact, California created the Office of Privacy Protection in the early 2000s. It developed “industry standards for consumer data privacy and security practices.” But the guidelines were nonbinding, and the agency is now defunct.