Privacy advocates love California's new personal data law; internet companies, not a data bit.
No sooner had Gov. Jerry Brown signed the California Consumer Privacy Act than Silicon Valley began to erupt in protest. Consumer groups, on the other hand, saw it as a sign of good things to come.
"This is a milestone moment for privacy law in the United States," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. It may also be an epic harbinger of privacy lawsuits.
The law gives consumers the right to know what personal information is being collected about them and whether it is being sold and to whom. It also empowers them to delete the collected information and to stop the sale of their information.
"Consumers would have the right to request all the data collected about them from a business up to twice a year, and businesses would be required to disclose the information free of charge," Ars Technica reported.
The Internet Association, a lobbying group for tech companies like Google, Facebook, and Amazon are not happy about it. They said policymakers need to "correct the inevitable, negative policy and compliance ramifications this last-minute deal will create for California's consumers and businesses alike."
The governor signed the law just under the deadline for a ballot initiative that would have put a more expansive version before voters in November.
Internet Upside Down
CNET said the new law "turns the tech world's business model on its head." That's because many internet companies bank on selling user's personal information.
The bill also allows consumers to sue companies up to $750 for unauthorized data breaches of their non-encrypted personal information. If it had been the law last year when Yahoo disclosed three billion accounts were breached, that could have been $2 trillion, two-hundred fifty billion -- give or take a billion.
For any lawyers who are counting, the law goes into effect in 2020.