How in the world will any small company in it's infancy be able to know whether they're even properly complying with all of the new privacy rules without paying for an expensive audit?
Web based, personal projects seem to be the most vulnerable.
It doesn't seem that hard to comply. From the article:
"...the bill would allow California residents to find out what information businesses and data brokers collect about them, where that information comes from, and how it's shared. It would give people the power to ask for their data to be deleted and to order businesses to stop selling their personal information. It places limits on selling data on users younger than 16 years of age, and prohibits businesses from denying service to users for exercising their rights under the bill."
If you don't collect personal information it's easy. If you do collect it, just don't sell it and let the customer tell you to delete it.
Doesn't seem too different from dealing with credit card payments and lots of companies have figured out how to do that.
1. Regardless of politics, legislating for net neutrality and privacy on the state level is just silly.
2. This won’t “reign in” the big firms it’ll shield them from competition.
3. At a time when China is totally protecting their tech firms from outside competition and providing them with stolen IP and the EU is using every tool in their disposal to go after US tech companies the last thing our lawmaker should do is try and stab our tech firms in the back.
2. Competition for your otherwise private or your public data sets?
3. Right, because China has bad habits therefore all your data should for sale.
I'm kind of leaning the other way, really. I'll take the privacy laws and let tech adapt or die. The only part that I actually need is the pipe anyway (sort of the antithesis to big content AND data brokers, I guess, but there you go).
I don't care what you're 'leaning' towards or what you can do without, this is about what's good for the nation.
This kind of legislation is not pertinent to the average citizen and this whole debate is being conducted in an environment of hysteria around the cambridge analytica episode which is being fueled by political opportunism.
How an individual's data is or is not handled is not pertinent to that individual? That seems an absurd position to take much less impose onto others via some sort of princely directive.
It would seem like you have skin in the game of free-wheeling and dealing with folks and their data. That or just some passion without premise. What's good for the nation is (re)adapting to privacy - likewise its peoples and doubly so for the state. I also don't see your directive influencing those people's actions either, so it appears some other people disagree, too.
Re: your third point - we should be very careful that proposed legislation doesn't hamstring US tech companies (even if the premise is sound). But we should also be much more aggressively going after the EU and Margrethe Vestager for their blatant anti-US tech protectionist actions. It is unconscionable that our government is concerned about steel production while turning a blind eye to our nation's real competitive advantage and largest national security threat, information technology.
> Introduced by State Assembly member Ed Chau and state senator Robert Hertzberg, the bill would allow California residents to find out what information businesses and data brokers collect about them, where that information comes from, and how it's shared. It would give people the power to ask for their data to be deleted and to order businesses to stop selling their personal information. It places limits on selling data on users younger than 16 years of age, and prohibits businesses from denying service to users for exercising their rights under the bill.
This is fantastic.
I've been trying to opt out of as many data brokers as I can. It's a huge amount of work and many of them try to make the process as painful as possible (since, IIRC, there's no law compelling them to provide and opt-out, so it's just a courtesy).
I really wish there was some kind of national data-broker opt-out system where you could register your preferences, which the brokers would then be required to honor [1].
[1] I'm thinking of something like a blinded service where the broker sends the PII and gets a response back with usage restrictions (e.g. no people-search, do not share with 3rd parties, etc.).
What’s stopping those companies for offering those services at a cost for those customers who don’t want to pay with their data? Unless if the problem is the service being offered isn’t worth the privacy given up to use said service, but that falls back to the shady business model
I think offering those services for a fee instead of data is a perfectly reasonable alternative. But it is my understanding that this violates the above condition.
I understand the thrust of your argument, but I interpret the meaning as not requiring the release of personal data as a precondition if using the service. I’d wager that if you could show that the price you’re charging isn’t attempting to be prohibitively high, then you would be compliant.
Nobody is going to stop doing business in California. If California was its own country it would rank sixth in the world by GDP – ahead of France, India, Italy and Brazil.
Besides that, it's cultural power is also a force to be reckoned with. Pissing off California would be a big mistake.
I just spent a couple weeks in
Europe and almost every site you visit (including US sites) has Collis and data collection popup notifications. Most allow you to accept or manage your settings but after a few pages you couldn’t be bothered anymore and it’s just an annoyance. If you want anonymity on the net get a VPN and throw away accounts. The only resolving point would be places that require true identity. Hold them to a higher standard and ignore the rest.
18 comments
[ 0.19 ms ] story [ 45.7 ms ] threadWeb based, personal projects seem to be the most vulnerable.
"...the bill would allow California residents to find out what information businesses and data brokers collect about them, where that information comes from, and how it's shared. It would give people the power to ask for their data to be deleted and to order businesses to stop selling their personal information. It places limits on selling data on users younger than 16 years of age, and prohibits businesses from denying service to users for exercising their rights under the bill."
If you don't collect personal information it's easy. If you do collect it, just don't sell it and let the customer tell you to delete it.
Doesn't seem too different from dealing with credit card payments and lots of companies have figured out how to do that.
2. This won’t “reign in” the big firms it’ll shield them from competition.
3. At a time when China is totally protecting their tech firms from outside competition and providing them with stolen IP and the EU is using every tool in their disposal to go after US tech companies the last thing our lawmaker should do is try and stab our tech firms in the back.
2. Competition for your otherwise private or your public data sets?
3. Right, because China has bad habits therefore all your data should for sale.
I'm kind of leaning the other way, really. I'll take the privacy laws and let tech adapt or die. The only part that I actually need is the pipe anyway (sort of the antithesis to big content AND data brokers, I guess, but there you go).
This kind of legislation is not pertinent to the average citizen and this whole debate is being conducted in an environment of hysteria around the cambridge analytica episode which is being fueled by political opportunism.
It would seem like you have skin in the game of free-wheeling and dealing with folks and their data. That or just some passion without premise. What's good for the nation is (re)adapting to privacy - likewise its peoples and doubly so for the state. I also don't see your directive influencing those people's actions either, so it appears some other people disagree, too.
This is fantastic.
I've been trying to opt out of as many data brokers as I can. It's a huge amount of work and many of them try to make the process as painful as possible (since, IIRC, there's no law compelling them to provide and opt-out, so it's just a courtesy).
I really wish there was some kind of national data-broker opt-out system where you could register your preferences, which the brokers would then be required to honor [1].
[1] I'm thinking of something like a blinded service where the broker sends the PII and gets a response back with usage restrictions (e.g. no people-search, do not share with 3rd parties, etc.).
I believe the GDPR also includes this stipulation. I'm curious how this actually plays out. Are we saying that:
- Company A makes their money by selling/using data and offers their service for no other charge
- User can tell Company A that they want to use the free service but don't want to give away any of their data
- Company A must provide free service without recouping any of the cost
- How does Company A survive? (I'm talking about a legit, transparent use of data here, not some shady business model)
Will this work in the physical world? Can I go into a store and select an item I want to bring home but then refuse to give up my personal dollars?
Besides that, it's cultural power is also a force to be reckoned with. Pissing off California would be a big mistake.
It is a perhaps understandable mistake for someone whose native language isn't English. "Reign" is about kings ; "rein" is about horses.