Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Privacy

California Voters Expand Data Privacy Law

California voters have backed an initiative expanding a data privacy law criticized by rights watchdogs as having worrying “loopholes” for firms such as Google and Facebook.

California voters have backed an initiative expanding a data privacy law criticized by rights watchdogs as having worrying “loopholes” for firms such as Google and Facebook.

The initiative, which got 56 percent of the vote in Tuesday’s election, builds on a state law by letting people limit how businesses use data such as their location, race and religion.

It also lets regulators levy fines of up to $7,500 per violation of children’s privacy rights and creates a state agency to enforce the law.

The California Consumer Privacy Act become law at the start of this year, the toughest of its kind in the US.

Like the European Data Protection Regulation (GDPR), applied in the European Union since May 2018, the California law guarantees rights regarding control of online data.

Alastair Mactaggart, the wealthy San Francisco real estate developer behind the original law and the act refining it, called its passage historic.

“We are at the beginning of a journey that will profoundly shape the fabric of our society by redefining who is in control of our most personal information and putting consumers back in charge of their own data,” Mactaggart said.

California ACLU officials, however, opposed the initiative, contending it would undermine privacy and increase the burden on people to protect themselves from abuses of their data by big tech companies.

Advertisement. Scroll to continue reading.

The ACLU of Northern California argued that the initiative was “full of loopholes”.

Flaws in the initiative include “carve-outs written by the credit-reporting industry and new ways to keep consumers in the dark about what companies are doing with their personal information,” according to the ACLU.

The initiative limits businesses that have to comply with the law to only companies that buy or sell data of at least 100,000 households a year, the ACLU noted.

Critics point out that Facebook or Google could claim to be exempt regarding online data they don’t pay for but is used to target advertising.

The change to the law also makes it easier for businesses to charge people more if they refuse to let their data be used, according to critics.

Backers of the initiative contended that the laws will set the bar for privacy rights in the US.

“I look forward to ushering in a new era of consumer privacy rights with passage of the California Privacy Rights Act,” said Californians for Consumer Privacy board chairman Andrew Yang.

RelatedState vs. Federal Privacy Laws: The Battle for Consumer Data Protection

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Artificial Intelligence

Two of humanity’s greatest drivers, greed and curiosity, will push AI development forward. Our only hope is that we can control it.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Privacy

Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is...

Privacy

Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...

Application Security

Open banking can be described as a perfect storm for cybersecurity. At one end, small startups with financial acumen but little or no security...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Government

The proposed UK Online Safety Bill is the enactment of two long held government desires: the removal of harmful internet content, and visibility into...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.