Skip Links

Businesses, privacy activists wrestle over California privacy bill

By Antone Gonsalves, CSO
April 03, 2013 08:51 PM ET

CSO - Businesses and privacy advocates are squaring off over a proposed law that would make California the first state in the nation to give people the right to see all the information companies have on them and to find out who the data is shared with.

Groups such as the Electronic Frontier Foundation and the American Civil Liberties Union say California Assembly bill AB 1291 would help consumers decide whether they wanted to continue doing business with a company, based on the way it handled their personal information.

[ALSO: 4 Internet privacy laws you should know about]

To opponents such as the California Chamber of Commerce and TechAmerica, the bill is too broad in defining the information covered and would open businesses up to frivolous lawsuits.

On Monday, lawmakers amended the bill, introduced in February by Democratic Assemblywoman Bonnie Lowenthal, to increase its chances of getting through the Legislature. To opponents, the changes were not enough.

"TechAmerica has some obvious high-level concerns with the bill," said Robert Callahan, director of state government affairs for the industry trade group. "In addition to several of its provisions being unworkable from a compliance standpoint for tech companies, the new language specifically states that any violation of the law will constitute injury to consumer, opening the door wide open for abusive lawsuits."

California has been a leader among states in toughening online privacy laws. In 2004, the state passed the Online Privacy Protection Act that required Web sites to post their privacy policies where it can be easily seen and accessed. Last year, state Attorney General Kamala Harris formed a special unit to prosecute companies that break California's strict privacy laws.

The latest bill, called the Right To Know Act of 2013, deals only with giving people access to personal information. It does not set any limits on the amount of data a company can collect, nor does it say how the data should be secured or whom it can be shared with.

For privacy advocates, the bill is a "foundational step," said Rainey Reitman, activism director for the Electronic Frontier Foundation. Transparency is what the consumer needs to see how their personal data is being used and to decide whether to continue a relationship with a company or website.

"It's important for consumer trust on the Internet," Reitman said.

Nevertheless, from the standpoint of the Chamber of Commerce, the bill goes too far in expanding the definition of personal information to cover not only data that identifies an individual, but also the IP address of personal computers and the device identifiers of smartphones. Such devices are often used in contacting a business or website just to get information.

[Also see: Facing FTC pressure, Apple bolsters privacy, security]

"While we understand that the bill is sponsored by several consumer organizations, it is unworkable, rests on mistaken assumptions about how the Internet works, and would impose costly and unrealistic mandates on California's technology sector with minimal benefit to state residents," the chamber said in a letter to bill sponsor Lowenthal. The letter was signed by more than a dozen other organizations, including insurance, tech and banking groups.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News