California lawmakers passed a new privacy bill last thursday ( 6/29), which gives state residents more control over the information that businesses collect on them and in addition, penalise businesses that do not comply. It is the first law of its kind in the United States.
The so-called California Consumer Privacy Act of 2018 (AB 375) gives Californians the right to see what information businesses collect on them, get access to information on the types of companies their data has been sold to, and request businesses to stop selling that information to third parties. This privacy act is similar to the new EU General Data Protection Regulation, but with crucial additions. Under the GDPR protections, businesses are required to get users’ permissions prior to collecting and storing their data. However, through opt-in pop-ups designed by these companies, consumers don’t really have a choice but to give consent, in order to use these services. In contrast, the Californian bill would create the “Spotify exception”, “which allows companies to offer different services or rates to consumers based on the information they provide—for instance, a free product based on advertising. But, the bill states, the difference must be “reasonably related to the value provided to the consumer by the consumer’s data.”
Experts in this field believe that the law will have tremendous impacts and potentially set standards for states across the nation. However, between companies and consumers, the storm of conflicts might just be coming.