Privacy In California: Ballot Measure Qualifies, Bill Advances
By Levi Sumagaysay, SILICON BEAT - MERCURY NEWS
June 26, 2018
The day after the California Consumer Privacy Act qualified for the November ballot, a newly introduced bill with similar goals — and a strict deadline — passed a state committee.
The ballot measure, which aims to address privacy issues brought up by high-profile instances such as Facebook’s Cambridge Analytica scandal and numerous data breaches, would allow consumers to see what information companies are collecting about them and ask the companies to stop selling that data. It would also hold companies accountable for data breaches.
The principal backer of the ballot measure, San Francisco real estate developer Alistair Mactaggart, announced last week that he would withdraw it if state lawmakers passed the California Data Privacy Protection Act, and if it is signed into law by this Thursday, which is the deadline for withdrawing initiatives. The proposed legislation was introduced Friday by state Sen. Robert Hertzberg, D-Van Nuys, and Assemblymember Ed Chau, D-Monterey Park.
Tuesday in Sacramento, Mactaggart answered some lawmakers’ questions about his measure at the Senate Judiciary Committee hearing, as Hertzberg and Chau responded to questions about their bill.
A couple of lawmakers thanked Mactaggart for his initiative, which compelled them to take legislative action.
Sen. Henry Stern, D-Canoga Park, put it another way: “This initiative put us in a spot.”
In an interview with this publication after the hearing, Mactaggart said he feels “certain that we wouldn’t have had this conversation (on privacy) without the initiative.”
The California Data Privacy Protection Act is an amended version of AB 375, which was first introduced last year but reintroduced last week to address the issues the ballot measure raises. It has some provisions the measure doesn’t have, including requiring parental consent to sell the data of children under 16. It also would establish a process for privacy-breach lawsuits and limit liability: The state attorney general would first fine a company over a breach, then consumers would be able to sue. And it would allow consumers to ask companies to delete their data.
If it doesn’t become law by Thursday, Mactaggart said his measure, which is supported by groups such as Consumer Watchdog and other advocacy groups, “is polling really well.”
Google, Comcast, Verizon, AT&T and Facebook each contributed $200,000 to the effort to oppose Mactaggart’s measure, although Facebook and Verizon later withdrew their opposition. The tech and telecommunications industry and others worry that the efforts to protect consumer privacy go too far.
At least one legislator wondered if that’s the case.
“The internet relies on the free flow of information,” Stern said at the hearing. “How do we engage in commerce if that information can’t flow?”
The bill passed with a 5-0 vote and was re-referred to the Senate Appropriations Committee.
Levi Sumagaysay is a writer and editor for the Bay Area News Group. She's in charge of the SiliconBeat technology blog and Good Morning Silicon Valley newsletter.