Voter-approved Proposition B mandates that San Francisco create what supporters say would be the toughest data-protection policy of any U.S. city, and would go beyond California’s landmark Consumer Privacy Act. Now comes the hard part: writing the rules that will overcome legal, technical and enforcement challenges.
As city officials this spring craft a ‘privacy-first policy’ mandated by voter-approved Proposition B, supporters hope its lofty ambitions will start to become a reality this summer. Already there are signs that the city could move to the forefront of enforcing limits on data collection and reshaping our relationship with technology companies.
California Attorney General Plans Few Privacy Law Enforcement Actions, Telling Consumers to Take Violators to Court
Attorney General Xavier Becerra says his office is ill equipped to prosecute violations of the state’s landmark data-privacy law, which takes effect in January. Only a handful of the most egregious cases will be handled per year. Instead, he wants aggrieved consumers to take violators to court on their own.
Though consumers may ask companies to delete or stop collecting data about them, the First Amendment and open-records statutes may thwart their efforts to get people-search sites to delete data after the law takes effect in January. Information brokers argue that the data they post comes from government entities and is publicly available.
Even though federally regulated consumer reports were already exempted from California’s ambitious new privacy law, the companies that sell them spent much of the last year engaged in an as yet unsuccessful lobbying effort to prevent individuals from opting out of sharing their own data from the firms’ databases. That’s in part because they have diversified beyond consumer reports and credit scores and into the creation of personal profiles based on online information that is less well regulated and critics of the industry call intrusive.