Difference between revisions of "California Consumer Privacy Act of 2018"
(→Context) |
(→Context) |
||
Line 3: | Line 3: | ||
==Context== | ==Context== | ||
− | A [https://oag.ca.gov/system/files/initiatives/pdfs/17-0039%20%28Consumer%20Privacy%20V2%29.pdf | + | A [https://oag.ca.gov/system/files/initiatives/pdfs/17-0039%20%28Consumer%20Privacy%20V2%29.pdf citizen initiative hadbeen filed with the secretary of state in California] to [https://www.nytimes.com/2018/05/13/business/california-data-privacy-ballot-measure.html limit the sale of user data]. |
Prior to the initiative the State legislature enacted [https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375 the California Consumer Privacy Act of 2018]. | Prior to the initiative the State legislature enacted [https://leginfo.legislature.ca.gov/faces/billTextClient.xhtml?bill_id=201720180AB375 the California Consumer Privacy Act of 2018]. |
Revision as of 14:16, 13 November 2019
Full Title or Meme
California Consumer Privacy Act of 2018 (AB 375)
Context
A citizen initiative hadbeen filed with the secretary of state in California to limit the sale of user data.
Prior to the initiative the State legislature enacted the California Consumer Privacy Act of 2018.
This seems like a much better solution than the GPDR. It will effectively shut down the bottom feeders around data sales, like Spokeo and the like, and the apps that sell them data to support themselves, the big 6 won't be affected by this so far as it can be foreseen. Because ultimately if the big 6 get sued, the court will ask for proof that the 6 sell data to entities outside each of their companies, and it seems either they don't now or wont in the future to avoid liability. They are still opposed to the adoption of this measure and some are fighting it, but others have decided this might be the best option they will get. In any case it will give citizen the right to ask a site where they got that data they have on you and ask for it to be removed. It does not seem that the GDPR provides even that much support for individuals.
There will likely be lots of case law generated as a result of the expected passage of this initiative. Here are two possible cases that might arise.
- Case one: An assistant prof a Pepperdine U, I. M. Clueless, creates some research app that manages (almost by accident) to collect a lot of user information. A partisan committee in Irvine hires a lawyer, from Dewy Cheatem and Howe to help fund professor Clueless provided that they can "examine" the detailed results of the app, which wind up influencing the election results in a swing district. Did either the professor or the lawyer break the law? (Some of you will relate this to the Cambridge Analytica case removed to California jurisdiction.)
- Case two: A supplement company in Oakland, Nature's Detritus, sells Mary a bottle of Folic Acid. Mary was savvy enough to modify her name so that when ads for Pampers start to flood Mary Detritus' mail box from some unrelated company, can Mary take action against Nature's Detritus if she does not have direct evidence that they received cash from the mailer? (Some of you will see the connection to a real world case at Target a few years back.)
Some legal advice already received indicate that the first case would depend on details not knowable now. My guess is that the problem is relating the quid to the pro quo. In other words can the money payment be directly related to the release of information. The second could be winable if Mary could definitively link the release to the seller.
Problems
Solutions
References
- ↑ https://www.wired.com/story/california-unanimously-passes-historic-privacy-bill/
- ↑ https://www.caprivacy.org/post/ab-375-signed-californians-for-consumer-privacy-applauds-successful-passage-of-groundbreaking-legislation
Other material: