Tech lobby can’t win changes in CA online privacy law

by Chris Reed | August 27, 2019 2:34 pm

Tech companies have lobbied at the state Capitol for big changes in a far-reaching law that takes effect Jan. 1, 2020, with almost no success.

With the California Legislature in the final three weeks of its session, big tech companies and business lobbies have so far had little success in getting changes to the California Consumer Privacy Act[1]. The landmark online privacy law – enacted in summer 2018 – takes effect Jan. 1, 2020.

The law parallels a sweeping measure[2] adopted by the European Union that took effect in May 2018. It gives consumers the right to know who is collecting what data on them from their online browsing and provides them the choice of opting out from collection.

Defenders of the state law say the reason it has been targeted so vigorously is because tech firms know that California often influences what other states or even Congress does. These companies prefer the present anything-goes data accumulation landscape allowed under federal law. The Golden State law did appear to inspire 24 states to consider online privacy laws this year, according to Pew’s Stateline[3] research site, though few have been enacted so far.

Critics: Flaws will hurt bottom lines, customers

But critics say they are going after the law because it is poorly crafted and could both drive companies out of business and reduce the ways that online information gathering actually helps consumers by connecting them to goods and services they are likely to want. Among the criticisms offered by the California Chamber of Commerce and the state chapter of the National Federation of Independent Business:

The limits put on what “personal information” can be gathered are so broadly written that they apply to broad swaths of information that can’t be linked to individuals but that can help businesses develop marketing strategies.

The provision banning businesses from the sale of information gathered online is so broad it will make it difficult for businesses to use information that it has gathered directly and legitimately from use of their websites to determine what customized content to provide customers.

Legislation that would address these concerns has not advanced.

Local agencies fear effect on public health, tax collection

The Bay Area News Group also reported[4] on the failure of a bill that would have allowed government agencies to have access to consumer information for a variety of priorities, including helping government officials “to collect child support, find people exposed to infectious diseases, locate foster children’s family members, determine social service eligibility, and collect delinquent taxes and judgments.”

One measure – Assembly Bill 25[5] by Assemblyman Ed Chau, D-Monterey Park – has made progress. It would make clear that the law doesn’t cover employees acting within the scope of their basic job duties. As a co-sponsor of the original law, Chau had more credibility than some of the lawmakers’ who appeared to be proposing changes at the tech industry’s behest.

AB25 passed the Assembly on a 77-0 vote[6] in May and an amended version was approved by the Senate Judiciary Committee on an 8-0 vote last month. But it has not been considered by the Senate Appropriations Committee since its referral.

Dramatic late-session moves could resurrect some of the more controversial bills seeking to narrow the Consumer Privacy Act. But an official with the Electronic Frontier Foundation told the Bay Area News Group that come Jan. 1, the foundation expected that “the same bill [adopted last year] goes into effect.”

Why focus is likely to shift from Sacramento to Albany

The tech companies and lobbying groups could soon shift their attention from California, the richest state in terms of GDP, to New York, the third richest.

In 2020, lawmakers there are expected to consider perhaps the most far-reaching[7] online privacy law in the world. One likely provision would make it a “fiduciary duty” for companies to use the data they accumulate in ways that advance the customer’s best interests. Depending on how this is interpreted, this could mean the end of the present model of micro-targeting of consumers through information gained from their online searches and activity – at least in New York state.

Endnotes:

California Consumer Privacy Act: https://oag.ca.gov/privacy/ccpa
measure: https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
Stateline: https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2019/07/31/states-battle-big-tech-over-data-privacy-laws
reported: https://www.mercurynews.com/2019/07/29/heres-how-tech-companies-want-to-change-californias-landmark-consumer-privacy-act/
Assembly Bill 25: https://leginfo.legislature.ca.gov/faces/billVotesClient.xhtml?bill_id=201920200AB25
77-0 vote: https://leginfo.legislature.ca.gov/faces/billVotesClient.xhtml?bill_id=201920200AB25
most far-reaching: https://www.wired.com/story/new-york-privacy-act-bolder/

Source URL: https://calwatchdog.com/2019/08/27/tech-lobby-cant-win-changes-in-ca-online-privacy-law/