PRIVACY BEAT: Some CCPA changes appear positioned for Senate passage

1. Some CCPA changes appear positioned for Calif. Senate passage — then Assembly talks in September

It looks as if the final language of the California Consumer Privacy Act, effective Jan. 1, is going to end up subject to last-minute lobbying in a legislative conference committee between now and Sept. 13.  That’s according to an Aug. 14 blog account by attorney Cynthia J. Larose, of the Mintz, Levin law firm. 

“As of the Senate Appropriations Committee hearing yesterday, a group of amendments were pulled from the agenda at the last minute and appear to be heading directly to the Senate floor for a vote without further changes,” Larose writes. “Once voted out, these are likely to be crossing over to the Assembly for conference markup.”

Her report ticks off the affected amendments.  One, AB-846, could affirm the ability of publishers to charge for digital content, because it refers to “premium services” as well as loyalty programs.  Another, AB-1355, allows a consumer to be treated differently based on the value of the information they are willing to share.

The others affect employee information, data from public records, auto-vehicle records and whether a website has to have a phone number as well as an email address for consumer privacy inquiries. Larose says one proposal, AB-1281, which would have regulated facial-recognition technologies, “appears to have stalled for now.” 

CCPA COUNTDOWN:

• California’s attorney general seeking three lawyers to become CCPA enforcers (Ross Todd, Law.com)

• Software vendor ESET says its survey shows widespread business ignorance, confusion about CCPA (ESET, Business Wire)

• Push to expand state consumer privacy law likely is not over, says California business lobby (Calif. Manufacturers & Tech Assn., NorCal Record)

• CCPA meant to take on Big Tech. — Small businesses caught in the middle (Sara Rubin, Monterey County Weekly)

• A fresh legal analysis of CCPA compliance obligations (Womble Bond Dickinson (US) LLP)

• A legal primer on CCPA requirements for responding to consumer requests (Emily Bruemmer, Davis Wright Tremaine LLP)

2. OTI urges tech focus on ‘marginalized’ civil rights protections; author is named Shorenstein fellow

New America’s Open Technology Institute (OTI) released a report this week outlining how problems with companies’ data practices disproportionality affect marginalized communities. It proposes steps to protect their civil rights and mitigate any harms. 

“As policymakers consider passing meaningful privacy legislation, civil-rights protections are a critical but mostly overlooked component. To have effective privacy legislation, we must ensure that companies’ data practices do not violate individuals’ civil rights — especially when it comes to marginalized communities. Problematic commercial data practices disproportionately harm people of color—especially Black and Brown communities — women, immigrants, religious minorities, members of the LGBTQ+ community, low-income individuals, and other marginalized communities.” 

The report supports giving the Federal Trade Commission more rulemaking authority and giving individuals multiple ways to rectify perceived violations of privacy and civil rights. As discriminatory practices are making it into the digital realm the report states that “Further guidance and broader policy changes are needed to resolve the ambiguities around applying civil rights laws to these novel means of discrimination.”

The report’s authors include Becky Chao and Eric Null, who both work at OTI, and Brandi Collins-Dexter, who was just named a 2019-2020 fellow at the Harvard-JFK Shorenstein Center to “write a paper on the digital ecosystem and how it has forever altered the political, economic, sociological and psychological ways in which we engage offline.” 

READ MORE:

• Privacy Rights are Civil Rights (New America)
• Centering Civil Rights in the Privacy Debate (New America)

3. Republican leading Senate tech task force says first priority should be data privacy

Differing from the Democrat-led House, U.S. Senate Judiciary Committee Tech Task Force leader Marsha Blackburn (R-Tenn.) wants to focus on data-privacy legislation, putting the tackling of big tech and antitrust issues on the back burner for now. She says that we should first see how companies’ business models and market competition change after privacy legislation is passed, and take a more incremental approach to regulation.

In a conversation this week with the Washington Post, Blackburn didn’t give a clear timeline on when legislation should be in place or indicate if that would be before or after CCPA is enacted. She said a key priority of the task force is to help lawmakers “up their institutional knowledge” on issues like privacy, data security, competition, and political censorship accusations. She cited the BROWSER Act, which she introduced in April, as a starting point for data regulation.

Sen. Dianne Feinstein (D-Calif.) is co-chair of the task force and Blackburn expects the work to span committees and parties.

READ MORE:

• Senate Tech Task Force Leader Marsha Blackburn (R-TN) Wants to Focus on Data Privacy (Benton Foundation)
• The Technology 202: The head of a Senate tech task force wants to focus on data privacy (Washington Post)