Google: New Privacy Law in California – “Unintended Consequences”
(The AEGIS Alliance) – The California Consumer Privacy Act of 2018 is very possible to result in sweeping ramifications for tech companies when it comes into effect in 2020.
“It’s a landmark development that everyone is still absorbing,” stated David Keating, a partner at the law firm Alston and Bird which is Atlanta, Georgia-based whose main focus is on security, technology, and indeed privacy. “It remains to be seen whether the statute will work as drafted, but it’s certainly going to create some challenges and potentially impact innovation for companies.”
On Thursday, The California Consumer Privacy Act of 2018 was passed by California lawmakers, also named AB 375, a bill which was approved unanimously by both the State Senate and Assembly, then signed by Gov. Jerry Brown. It gives residents of the state additional control over data gathered by businesses on the. The bill also imposes new penalties onto businesses that do not comply.
Consumers are granted more rights, among them is the right for individual consumers to request data that businesses have been collecting on them. Also included in the bill is the right for a person to object to their data being sold, the right to receive this information in portable format, along with rights for asking businesses to remove their personal information.
Within the next 18 months, numerous tech companies, which includes Facebook, Apple, and Google — will need to be making efforts towards establishing protocols that will meet all requirements of AB 375’s, many of these laws are a first for the United States, but seemingly mirror the more expansive GDPR in some ways, known as the General Data Protection Regulation, which took effect in the European Union just this past late May. Companies known as Google and Facebook are already allowing users to download and access copies of their data. Although, a fewer amount of companies allow users “opt out rights” for having their information sold onto third-parties.
Keating is contending that because companies such as Google and Facebook have already worked towards meeting the requirements of GDPR, they may not need to start over when it comes to AB 375.
Law Imperfections
But, even advocates of privacy are contending that AB 375 is not without its own shortcomings. This bill, that was initially introduced over one week ago, had been fast-tracked through the State Senate and Assembly as sort of a Hail Mary effort to strike down another privacy-focused initiative on the ballot, and it has shown. Some of its language is still overly broad, with the law including loopholes which let companies charge consumers increased prices if they have opted out of getting their information sold, for example.
“While today’s law marks some improvements to an overly vague and broad ballot measure, it came together under extreme time pressure, and imposes sweeping novel obligations on thousands of large and small businesses around the world, across every industry,” Katherine Williams, a Google spokesperson, said in a statement. “We appreciate that California legislators recognize these issues and we look forward to improvements to address the many unintended consequences of the law.” she continued.
Facebook expressed some of the same sentiments, while also reaffirming that it does not actually sell off people’s data.
“People should be in control of their information online and companies should be held to high standards in explaining what data they have and how they use it, especially when they sell data,” Will Castleberry, Facebook VP of State and Local Public Policy stated. “We are committed to being clear with people about how our services work, including the fact that we do not sell people’s data. In that spirit, while not perfect, we support AB 375 and look forward to working with policymakers on an approach that protects consumers and promotes responsible innovation.”
This past spring the social network faced intense scrutiny, after revelations surfaced in mid-March that Cambridge Analytica, a political consultancy which is now-defunct, had harvested the data of up to 87 million Facebook users. The controversy that ensued ignited data privacy concerns by Capitol Hill, when they summoned Facebook CEO Mark Zuckerberg to testify in front of congress. That controversy may have just helped pave the way for AB 375 only three months later.
Featured Image: CC/Flickr/Stock Catalog
Kyle James Lee – The AEGIS Alliance – This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
