Also published in the LA Progressive

We’ve written a lot about the adoption and implementation of CCPA, California’s state privacy law. We’ve told you about industry’s attempt to water the law down and the successful fight of privacy advocates to keep that from happening. We’ve told you about the loopholes that remain in this game-changing law.

Now, the novel coronavirus is raising the stakes once again. Sorely needed contact tracing is a service big tech is rushing to provide, and privacy protections are a seeming inconvenience.

But long after the spread of COVID-19 is contained, the data trove collected of our movements and associations will remain as an asset of great value to the companies, and a threat to our control over our personal information.

We’re highlighting this report from Access Now (lead author Estelle Masse) because it is one of the best summaries we have seen for how society can use data to fight COVID-19 without dumping privacy protections overboard.

Chock full of case studies (the good and the bad) and sensible recommendations.

Please read, share and pass it on.

Privacy advocates, including Media Alliance, commented on the second iteration of operational rules for the California Consumer Privacy Act of 2018, which the AG hopes to begin enforcing on July 1, 2020.

The statewide coalition of privacy groups asked the AG not to back down on the start of the enforcement period, as some industry groups have asked, to require more transparency from data brokers, to enforce do not track software as equivalent to a filed opt-in request and to prevent service providers from forming comprehensive customer profiles.

In celebration of Data Privacy Day (earlier this week), and the operational start of the California Consumer Privacy Act (CCPA), privacy advocates invited CA legislators to take the law out for a spin.

Our practice companies: Tik-ToK, a youth-oriented social media network, and Experian, one of the 3 leading credit bureaus in the country

While legislators are trying out their new law, you can also join the impromptu test. See if you can find out what Tik-Tok and Experian have collected about you, and ask them to stop selling it, and tell us how it goes!

California’s statewide privacy coalition weighed in on the regulatory plans for the California Attorney General to administer and enforce the California Consumer Privacy Act.

The verdict? Pretty good job by Becerra’s office, but a few things can always be better. Like what?

*Clamping down on targeted advertising. Transfers of data for the purpose of targeted advertising are “sales”, even if the adtech industry wants to pretend they aren’t.

* Watch out for “risk to security” loopholes. CCPA already provides exceptions for security issues. They don’t need to be broadened any more.

*Limit pay for privacy. Dividing customers by “group” exacerbates the possibility of discrimination by group characteristics. Privacy harms manifest, like other kinds of discrimination, along societal divides. Privacy protections shouldn’t replicate existing discriminatory patterns.

*Data brokers are not service providers. The AG should not conflate the data exchange business with legitimate service providers. Not the same thing.

The CA Legislature passed the California Consumer Privacy Act in a heated rush a year ago and just beat the clock for a planned statewide ballot initiative by a matter of hours. Consumer privacy advocates grumbled that the bill could be a bit better, industry groups promised to challenge it in 2019, and the one thing everyone agreed on was that some changes would happen. But on July 9th, the best efforts of the business lobby …. failed.

SF Chronicle: Fight To Change CA’s Landmark Privacy Law Fizzles