In the past, California has exerted something like a gravitational pull on the rest of the United States; in both legislation and civil liberties, where the Golden State goes — with its 12 percent of the U.S. population and 14 percent of the country’s GDP — the U.S. has often followed. Digital rights advocates can (and should) hope that it continues with our electronic freedoms.
On Friday, California passed a sweeping consumer privacy bill that provides the strongest protection of consumer data in the U.S. Some are even describing it as California’s own GDPR, the European data protection legislation that went into effect in the E.U. at the end of May.
But that’s not the only way that California residents are stepping up to protect their digital rights. Here are three pieces of existing and in-the-works legislation that is already making an impact.
1. California Consumer Privacy Act of 2018
Around the world, the question of who really controls your data exploded once revelations about Cambridge Analytica and its use of Facebook data came to light.
Europe took action by enacting the General Data Protection Regulations, which gives E.U. citizens the right to know exactly what data companies keep on them, the right to revoke access, and the right to delete data. Meanwhile in the U.S., Congress responded with mostly grandstanding and out-of-touch questions posed to Mark Zuckerberg in congressional hearings. And while some members of congress have floated their versions of consumer protections bills, California has taken action.
“We are thrilled that AB 375 has become law,” said Alastair Mactaggart, chairman of Californians for Consumer Privacy, in a statement. “This is a monumental achievement for consumers, with California leading the way in creating unprecedented consumer protections for the rest of the nation.”
AB 375 came about in response to a ballot initiative promoted by Californians for Consumer Privacy. It gives broadly the same rights as the GDPR, allowing internet users to deny companies’ access to their data, the right to delete data, and the right to say no to the sale of your information. California citizens will have the right to request all of the personal information stored on them, which they can ask companies for twice a year. And the attorney general has the ability to enforce any breaches of the policy.
One of the craziest parts is that the bill was passed in both houses of the state legislature and signed into law on a single day. That action has led to the broadest consumer data protection law in the U.S. Well done, California.
2. Net Neutrality
California is also on the precipice of passing what internet freedom advocate Evan Greer described as the “gold standard” of net neutrality protection.
In December 2017, the Trump administration’s FCC voted to roll back net neutrality protections enacted by the Obama administration in 2015. So it’s up to states to preserve net neutrality for their constituents.
CA State Senator Scott Wiener sponsored a bill to enact true net neutrality in California. It passed out of the State Senate, but the chair of the Communications and Conveyance committee unfortunately riddled it with loopholes in committee. Now, Wiener has agreed to let the move advance out of committee. But he said he will revoke the bill from a vote unless those loopholes are plugged. If it passes, it could set a huge precedent for protecting net neutrality despite the Trump FCC’s machinations.
3. Digital privacy and police warrants
On the federal level, an outdated law from the 1980s currently governs whether law enforcement has to get a warrant before reading your emails. But in California, cops will have to show companies like Google warrants before getting access to your emails.
Thanks to the California Electronic Communications Privacy Act, passed in 2015 and enacted in 2016, California treats emails in the same way it does, say, physical letters in a filing cabinet in your home. It came in response to revelations from companies like Google and Microsoft reporting that law enforcement requests for access to emails and personal information was skyrocketing.
In the intervening years since the CA law was passed, congresspeople at the federal level have been trying to enact a similar law — without success. Most recently, the “Email Privacy Act” has gotten new life, as members of congress included the act as an amendment to the National Defense Authorization Act (NDAA). The NDAA with the amendment has passed, and will now need to be reviewed for changes by the Senate, before President Trump can sign it into law.
Catch up, Congress!