privacy – Steve Blum's Blog

Californians take privacy out of legislature’s hands and vote for stricter rules

5 November 2020 by Steve Blum
ccpa, privacy, public policy, security

Voters in California decisively strengthened an already strong privacy law, and took away the power of elected officials to amend and enforce it. When the dust cleared yesterday, yes votes on proposition 24 had a 12% lead over the noes. Ballot counting in California might drag on until the middle of December, but it is all but mathematically certain that yes will prevail by a wide margin.

Prop 24 tweaks the California Consumer Privacy Act (CCPA), which sets limits on what companies can do with information about you that they’ve collected.… More

Privacy and digital security is a personal responsibility. It can’t be anything else

17 July 2020 by Steve Blum
ccpa, encryption, privacy, public policy, security

Three unrelated stories that broke within 24 hours demonstrate why digital security is a personal responsibility, and how blindly trusting third parties – individuals or private companies or governments – to look after your best interests is no solution:

The European Court of Justice nixed a data sharing safe harbor deal between the European Union and the U.S., pointing out in its decision that “the requirements of US national security, public interest and law enforcement have primacy”, which makes any promises of privacy meaningless.

… More

CPUC begins process of holding Frontier to account for service outages, but it might be too late

24 January 2020 by Steve Blum
cpuc, frontiercommunications, privacy, rural broadband, verizon

Nearly four years after the fact, Frontier Communications is being held to answer for the fumbled cutover of Verizon wireline customers it acquired in 2015. Last month, the California Public Utilities Commission formally opened an investigation into the widespread reports of dead lines and customer service meltdowns that went on for weeks after Frontier closed on its purchase of Verizon’s decaying copper telephone systems and somewhat more modern fiber to the home FiOS territories in California.… More

California’s consumer privacy law is a call to action for federal regulators

9 January 2020 by Steve Blum
ab375, ces2020, ftc, privacy, public policy

Federal Trade Commission chair Joseph Simons was on the undercard for Consumer Technology Association CEO Gary Shapiro’s “fireside chats” with federal policymakers at CES in Las Vegas on Tuesday. Warming up the audience ahead of Federal Communications Commission chair Ajit Pai’s long awaited CES debut, he urged congress to give his agency the U.S. privacy cop job that California now holds by default. The FTC is already pursuing privacy enforcement actions under existing law “because the big tech platforms are becoming so consequential to our lives and so large”, Simon said.… More

Privacy is now a Made in California product

2 January 2020 by Steve Blum
ab375, becerra, ccpa, privacy, public policy

California’s data privacy law took effect yesterday, although formal regulations and active enforcement by the attorney general’s office don’t kick in until July. Even so, the AG plans to respond to complaints and monitor compliance with the bits of the law that do have teeth now. Until – unless – congress does something, the California Consumer Privacy Act (CCPA) is the national standard.

If you want confirmation, just look in your email inbox. If it’s anything like mine, it’s full of CCPA notifications.… More

Contract for the Web addresses virtues and vices of government intervention

29 November 2019 by Steve Blum
contract for the web, monopoly, privacy, public policy, utility regulation

The “Contract for the Web” campaign published its manifesto last week, titled, naturally enough, Contract for the Web. It’s a declaration of nine principles, including “make the internet affordable and accessible to everyone”, “respect and protect people’s privacy and personal data to build online trust” and “develop technologies that support the best in humanity and challenge the worst”, which are among the tasks the contract assigns to private companies. Individuals are urged to “be creators and collaborators on the web”, “build strong communities that respect civil discourse and human dignity”, and “fight for the web”.… More

Fitbit deal tests Google’s willingness, ability to follow California privacy law

15 November 2019 by Steve Blum
fitbit, google, privacy

Fitbit

Google’s $2.1 billion purchase of Fitbit will, if nothing else, be an excellent test case for California’s new consumer data privacy law, which takes effect in January. The California Consumer Privacy Act (CCPA) requires companies above a certain size let their customers know what kind of personal data is being collected and what it’s being used for, and gives individuals a level of control over the collection and use of their data.

The activity, location and health data collected by Fitbit devices is highly personal.… More

Privacy is too complicated for California to understand, mobile industry panel says

28 October 2019 by Steve Blum
ab375, becerra, mwc2019, privacy, public policy

California’s consumer data privacy law will be the default privacy standard across the U.S., at least for the coming year, and that’s upsetting the Washington, D.C. crowd. A panel discussion on privacy legislation at the Mobile World Congress trade show in Los Angeles last week featured three industry lobbyists, the head of an industry front organisation and a Federal Trade Commission lawyer. All of them are based in D.C., and shared Beltway-centric advice on who should be calling the shots.… More

Draft rules for businesses add enforcement detail to California’s consumer privacy law

16 October 2019 by Steve Blum
ab375, becerra, privacy, public policy

California’s tough consumer privacy law technically takes effect in January, but enforcement won’t begin until next July. The California attorney general has the job of writing the detailed rules that businesses will have to follow, and then enforcing those rules.

The first draft of those new rules was posted for public review and comment. They apply to businesses with more than $25 million in “annual gross revenues”, or collects or deals in “the personal information of 50,000 or more consumers, households, or devices”, or that deal in people’s personal information for a living.… More

Proposed California initiative would toughen and lock in consumer privacy rules

26 September 2019 by Steve Blum
ab375, privacy, public policy

The man behind California’s new privacy law doesn’t like what lobbyists are trying to do to it in Sacramento, and plans on taking his case directly voters. In 2018, Alastair Mactaggart and his organisation – Californians for Consumer Privacy – collected enough signatures to get a tough privacy law on the ballot, but withdrew the initiative after a deal with was cut with lawmakers to enact most of its provisions. But anything the legislature can do, it can also undo, so Mactaggart is going back to the voters.… More