California lawmakers are looking to make their strictest-in-the-nation data privacy law even tougher.
Last year, California passed the California Consumer Privacy Act (CCPA) that provides consumers with more transparency and control over their digital data. The law, which goes into effect next year, gives consumers the right to know what information companies are collecting, why they are doing that and who they are sharing it with. The bill faced no opposition and was signed into law by Governor Jerry Brown with just hours before the deadline.
Now a proposed amendment aims to give consumers the right to file c lawsuits against companies in violation of the regulation. The law currently gives companies a 30-day window to fix any violations before any penalty is handed down. The proposal eliminates that mandate if plaintiffs are suing for monetary damages, according to the bill’s sponsor, Senator Hannah-Beth Jackson, a Democrat from Santa Barbara.
“The tech industry, by its very nature, has been very much opposed to any form of regulation,” she said in an interview about the CCPA, according to Bloomberg. “It’s an industry that’s reincarnated the Wild West; no rules, no limits, no regulation. We’ve reached the tipping point.”
But some believe the amendment would complicate a law that already gives consumers a small right to sue over data breaches. In fact, the proposal’s opposition warned that a broader “right to private action” could destabilize business models in tech, insurance, retail and advertising.
“A private right to action on a law that is not yet cooked would be a disaster,” said Sarah Boot, a lobbyist for the California Chamber of Commerce. “It would be a class-action bonanza.”
The amendment, which will be reviewed in legislative committees, is one of a slew of proposals submitted before the state’s Feb. 22 deadline. Other proposals want to see data brokers required to register with the state, and companies revealing the value of users’ data.