Last week, California’s Secretary of State announced that the California Privacy Rights Act (CPRA) that will be on November 2020 ballot. The Californian’s for Consumer Privacy which brought forth the groundbreaking California Consumer Privacy Act (CCPA) that is now the law of the land, wants to push protections farther.
The group tells Californians that the CPRA “will give you the power to take back control over your personal information, expand consumer rights, create more transparency and establish an enforcement arm to protect these rights.” With ACLU polls showing 90% of California voters want more privacy protections, the state is once again poised to lead the nation in privacy law advances.
The CA Secretary of State summarizes the proposed CPRA as follows:
“AMENDS CONSUMER PRIVACY LAWS. INITIATIVE STATUTE
- (1) prevent businesses from sharing personal information; (2) correct inaccurate personal information; and (3) limit businesses’ use of “sensitive personal information”—such as precise geolocation; race; ethnicity; religion; genetic data; union membership; private communications; and certain sexual orientation, health, and biometric information.
- Changes criteria for which businesses must comply with these laws.
- Prohibits businesses’ retention of personal information for longer than reasonably necessary.
- Triples maximum penalties for violations concerning consumers under age 16.
- Establishes California Privacy Protection Agency to enforce and implement consumer privacy laws, and impose administrative fines.
- Requires adoption of substantive regulations.”
The Legislative Analyst and Director of Finance assessment indicates:
- “Increased annual state costs of roughly $10 million for a new state agency to monitor compliance and enforcement of consumer privacy laws.
- Increased state costs, potentially reaching the low millions of dollars annually, from increased workload to DOJ and the state courts, some or all of which would be offset by penalty revenues.
- Unknown impact on state and local tax revenues due to economic effects resulting from new requirements on businesses to protect consumer information. (19-0021A1.)”
(bullets added for readability)
My recent overview of the CCPA — before any changes from a successful ballot measure — can be found here.