The subtext to this call to action is the California privacy regulations that are set to take effect by the end of this year.
As we noted when the bill was passed last year there are a few key components of the California legislation, including the following requirements:
Businesses must disclose what information they collect, what business purpose they do so for and any third parties they share that data with.
Businesses would be required to comply with official consumer requests to delete that data.
Consumers can opt out of their data being sold, and businesses can’t retaliate by changing the price or level of service.
Businesses can, however, offer “financial incentives” for being allowed to collect data.
California authorities are empowered to fine companies for violations.
There’s a reason why companies would push for federal regulation to supersede any initiatives from the states. It is more of a challenge for companies to adhere to a patchwork of different regulatory regimes at the state level. But it’s also true that companies, following the lead of automakers in California, could just adhere to the most stringent requirements, which would clarify any confusion.Indeed, many of these companies are already complying with strict privacy regulations thanks to the passage of the GDPR in Europe.
Most significantly, tech companies themselves have been lobbying Congress to pass national legislation that would override an emerging patchwork of state privacy laws – particularly new rules set to take effect in California next year that would give the state’s attorney-general broad powers to police Silicon Valley.
WTF is GDPR?