Trouble Alert: California Privacy Initiative Could Have Far-Reaching Impact
California legislators and regulatory officials pride themselves on driving national public policy on many issues, including personal privacy and data security. Call this pride (and the underlying assertiveness to test new ideas) what you will, but it is certainly true that California generates plenty of non-traditional fodder for national debate.
A new ballot initiative just introduced could once again influence national debate and legislative action – and, if passed as currently envisioned, do so in ways that will likely dampen our digital lifestyles, stifle innovation and restrict the responsible collection and use of consumer data by marketers.
As with other Golden State initiatives, this one merits watching from DMA members.
Last week, former California Senator Steve Peace and trial attorney Michael Thorsnes filed a ballot initiative with the attorney general’s office to amend the state constitution in order to make any personally identifying information (PII) about an individual confidential and require any sharing of that information to be on an opt-in basis. The Initiative aims to amend the California Constitution to establish a very broad opt-in privacy regime with narrow exceptions. If the required number of signatures are collected — at least 807, 615 signatures — the Initiative would face a vote in November, 2014, and if approved on in that election, would take effect less than two months later, bringing to California a very different set of privacy rules than apply anywhere else in the United States. A very limited exemption is provided for disclosure if there is a “countervailing compelling interest (such as public safety or protected non-commercial free speech).
The amendment would apply broadly to natural persons, corporations and government bodies or subdivisions. PII is defined to cover “any information which can be used to distinguish or trace a natural person’s identity, including but not limited to financial and/or health information, whether taken alone, or when combined with other personal or identifying information which is linked or linkable to a specific natural person.” The initiative would establish a presumption of “harm” for any disclosure by a commercial or governmental entity that does not meet these narrow criteria.
This is a ballot initiative and has different rule making and policy procedures than a legislative bill. DMA is working with our lobbyists and local counsel in Sacramento to determine where the initiative is in the certification process and what, if any, opportunities there will be to voice opposition. There is no formal policy review of citizen proposed ballot initiatives. It will only make it to the ballot if the signatures are collected in full.
Given the general concerns around many aspects of the privacy issue, writ large right now, this could become a major inflection point in the overall privacy debate.
If you are a California-based company, DMA may be calling on you for information and support. If you have large California operations, and would like to be kept informed, please keep an eye on this blog and contact our government affairs team to be added to our Direct from Washington newsletter and DMA Action alerts. (Members only, please.)