Also published in the LA Progressive
We’ve written a lot about the adoption and implementation of CCPA, California’s state privacy law. We’ve told you about industry’s attempt to water the law down and the successful fight of privacy advocates to keep that from happening. We’ve told you about the loopholes that remain in this game-changing law.
Now, the novel coronavirus is raising the stakes once again. Sorely needed contact tracing is a service big tech is rushing to provide, and privacy protections are a seeming inconvenience.
But long after the spread of COVID-19 is contained, the data trove collected of our movements and associations will remain as an asset of great value to the companies, and a threat to our control over our personal information.
Continue reading Why Data Minimization Is The Privacy Principle We Need Now
We’re highlighting this report from Access Now (lead author Estelle Masse) because it is one of the best summaries we have seen for how society can use data to fight COVID-19 without dumping privacy protections overboard.
Chock full of case studies (the good and the bad) and sensible recommendations.
Please read, share and pass it on.
Continue reading Access Now Recommendations on Privacy In The Age of COVID-19
California’s statewide privacy coalition weighed in on the regulatory plans for the California Attorney General to administer and enforce the California Consumer Privacy Act.
The verdict? Pretty good job by Becerra’s office, but a few things can always be better. Like what?
*Clamping down on targeted advertising. Transfers of data for the purpose of targeted advertising are “sales”, even if the adtech industry wants to pretend they aren’t.
* Watch out for “risk to security” loopholes. CCPA already provides exceptions for security issues. They don’t need to be broadened any more.
*Limit pay for privacy. Dividing customers by “group” exacerbates the possibility of discrimination by group characteristics. Privacy harms manifest, like other kinds of discrimination, along societal divides. Privacy protections shouldn’t replicate existing discriminatory patterns.
*Data brokers are not service providers. The AG should not conflate the data exchange business with legitimate service providers. Not the same thing.