In June, privacy advocates celebrated the passage of a historic bill[1] in California that gave residents of that state unprecedented control over how companies use their data. Two months later, the party's over.
Lobbying groups and trade associations, including several representing the tech industry, immediately started pushing for a litany of deep changes that they say would make the law easier to implement before it goes into effect in January 2020. But privacy advocates worry that pressure from powerful businesses could end up gutting the law completely.
"This is their job: to try to make this thing absolutely meaningless. Our job is to say no," says Alastair MacTaggart, chair of the group Californians for Consumer Privacy, which sponsored a ballot initiative that would have circumvented the legislature and put the California Consumer Privacy Act to a vote in November. Big Tech and other industries lobbied fiercely against the initiative. In June, MacTaggart withdrew it once the bill, known as AB 375, passed.
At the most basic level, the law allows California residents to see what data companies collect on them, request that it be deleted, know what companies their data has been sold to, and direct businesses to stop selling that information to third parties. But the task of shaping the specifics is now in the hands of lawmakers—and the special interests they cater to.
“The new sheriffs showed up and drew a gun. Then they put it down and walked away,” Kevin Baker, legislative director of the American Civil Liberties Union in California, says, referring to MacTaggart’s initiative. “Now that they’ve done that, and the initiative threat has gone away, we’re back to politics as usual.”
The Clean-Up
With just three days left in the legislative session, California lawmakers are scrambling to vote on a