California’s New Delete Act Is One of the World’s Most Powerful Privacy Laws - 4 minutes read




A new law in California gives consumers the power to do something meaningful about the companies buying and selling their data for the very first time. On Tuesday, Gov. Gavin Newsom signed the Delete Act into law, introducing a number of provisions that beef up state privacy regulations. Among other stipulations, it lets Californians force every data broker to delete the fruits of their data harvest with one, single click.

California and several other states already require most companies to delete the information they collect on request. Unfortunately, the process is close to useless, because you need to contact every business individually. You also have to live in a fantasy world where you know the names of even a fraction of the businesses that spy on you for cash.

It’s a loophole “big enough to drive a few million stolen identities through and it’s time to close it,” said CA Sen. Josh Becker, who introduced the bill. “Data brokers possess thousands of data points on each and every one of us, and they currently have the ability to use this data related to reproductive healthcare, geolocation, and purchasing data to sell it to the highest bidder. The Delete Act will protect our most sensitive information.”

The Delete Act will create a system where you can make one single request that forces the entire data broker industry to delete the details they harvest from your life. It’s the first regulation of its kind from a major government.

Right now you can ask data brokers to erase information they collect about you directly, but they don’t have to delete the data that they get from other companies. That’s an important distinction because that’s where most of the data comes from. In addition, over 500 data brokers are already registered with the state, and the Delete Act will force them to disclose information about what kind of data they have.

The Delete Act spells out consequences too, enshrining civil penalties and administrative fines for lawbreaking data-mongers.

The law is “the most decisive step we’ve seen lawmakers take to rein in the shadowy business of data brokers. It promises consumers an easy way to assert control over the personal data that today is freely bought and sold on the open market, like a do not call list for data brokers,” said John Davisson, Director of Litigation and Senior Counsel at EPIC, the Electronic Privacy Information Center. “It rejects the idea that companies should be able to commercially exploit the most sensitive details of lives with impunity.”

The tech business treats your life like a barrel of oil, a commodity that can be traded and sold to boost corporate profits. Data-hungry businesses like Google will tell you that’s just how it has to be if we want the internet to be glorious and free. That’s only half true.

With the data broker business, in particular, you get nothing out of the exchange. You’ve probably never heard of most of these companies, and they have no direct connection to your life as a consumer. Along the way, the industry’s practices regularly put people at risk of significant harm. For example, a conservative Catholic group exposed a gay priest using data reportedly shared by Grindr in 2021. The data broker business is also notorious for endangering victims of domestic abuse by disclosing their home addresses and contact information.

“The burden of policing abusive data practices shouldn’t fall on consumers,” Davisson said. “And even the Delete Act, as significant as it is, is no substitute for a law that limits how much data businesses and brokers can collect about us in the first place, without any action from consumers.”



Source: Gizmodo.com

Powered by NewsAPI.org