SAN FRANCISCO, June 29, 2018 (BSS/AFP) – California on Thursday passed a
strict new law aimed at protecting people’s privacy online, a move that
promised to shift the terrain on which internet firms operate in the wake of
recent scandals.
The bill signed into law by Governor Jerry Brown followed in the spirit of
a major General Data Protection Regulation that recently took effect in
Europe.
The legislation cut off an initiative that is heading for the ballot in
this state in the fall.
It was crafted to ensure rights including knowing what personal information
is collected by companies on the internet and whether it is sold, and to
whom, according to the bill signed by Brown.
The law also gives people a right to “say no” to the sale of their personal
information, and calls for them to be treated the same as anyone else online
if they opt to restrict use of their data.
Internet businesses that receive “verifiable” requests by people to have
their data deleted will be required to do so, with a list of exceptions that
include keeping what is needed to complete transactions, detect security
breaches, or protect against illegal activity.
“A consumer shall have the right, at any time, to direct a business that
sells personal information about the consumer to third parties not to sell
the consumer’s personal information,” the legislation said.
“This right may be referred to as the right to opt out.”
Business home pages will be required to provide “clear and conspicuous”
links titled “Do Not Sell My Personal Information” that take people to opt-
out pages.
People whose personal information is stored unencrypted and not
sufficiently protected were also give the right to pursue civil claims.
The shift both in Europe and California came after the harvesting of
Facebook users’ data by Cambridge Analytica, a US-British political research
firm, for the 2016 US presidential election.