Privacy groups, online firms gird for battle over California online data-disclosure bill
Recently-filed 'Right to Know Act' would require firms to disclose data collection and data sharing habits
Internet companies and privacy advocates appear headed for a fight over a proposal to broaden California's so-called Shine the Light Law, which requires online companies to disclose to consumers how their personal information is used.
The so-called "Right to Know Act" (AB 1291) would also require online companies to give users access to any data compiled on them.
Privacy groups say the new bill would give consumers more visibility into the data collection and sharing habits of online companies they interact with. Some industry groups, however, contend that the proposal is too broad -- and is unworkable.
The new bill, sponsored by Assemblywoman Bonnie Lowenthal (D-Long Beach), would broaden the provisions of the 10-year-old Shine the Light Law, which requires disclosure of how personal consumer information is used and how it is shared for direct marketing purposes. Lowenthal's bill also requires that online companies provide consumers who ask with specific details on how their personal information is shared with data brokers, online advertisers and application vendors.
Under the proposed law, individual consumers could ask Internet companies like Google and Facebook once a year for a complete accounting of how their data is being collected and used.
The bill gives companies a safe harbor if they take adequate measures to anonymize consumer data before storing or sharing it. In addition, if an online company cannot reasonably link a data profile to a specific person, it would not be obligated to respond to a data disclosure request.
The Right to Know Act helps bring some transparency to how online companies collect and use consumer information, said Rainey Reitman, activism director at the Electronic Frontier Foundation.
The EFF supports the proposed bill.
Most Internet users today are unaware of how much of their personal information is routinely gathered and shared by Internet companies, Reitman said. The proposed legislation would give consumers a view of that, she said.
The law imposes no restrictions on information collection, sharing or selling.
It would not require Internet companies to change current data collection, sharing, storage or security processes, Reitman said. In fact, the provisions contained in the bill are similar to data disclosure laws in Europe, laws that many American online firms must already comply with, she noted.
The bill also provides much flexibility to online firms, said Chris Conley, technology and civil liberties fellow at the American Civil Liberties Union (ACLU) of Northern California.
For instance, instead of having to respond to individual data disclosure queries, an online firm could simply provide just-in-time notices to consumers. The notices could inform consumers of what data of theirs is being collected at a specific moment, and with whom it is being shared, he said.
- U.S. commercial drone industry struggles to take off
- Snowden leaks erode trust in Internet companies, government
- NSA phone metadata collection program renewed for 90 days
- NSA isn't evil, says noted civil libertarian
- Franken presses Ford on location data collection practices
- Justices let stand appeals court decision on border searches of laptops
- California lawmakers move to bar state help to NSA
- Appeals court again nixes Google's bid to overturn Street View case
- Older Mac webcams can spy without activating warning light
- Update: Judge rules NSA spy efforts may be unconstitutional
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users? All Gov't Legislation/Regulation White Papers | Webcasts