California has the toughest — and one of the only — consumer data privacy laws in the US: the California Consumer Privacy Act (CCPA). And a ballot measure called the California Privacy Rights and Enforcement Act, or Proposition 24, may make it even stronger.
The CCPA gave Californians a measure of control over how their personal data was collected, accessed, and sold. But it contained some loopholes businesses have used to get around the restrictions imposed by the law — loopholes Proposition 24 would close by giving extra protection to data about “sensitive” areas including race, health, religion, biometric information, and precise location. The proposition would also establish and fund a new state agency to enforce the law, a duty currently left to the underresourced attorney general’s office.
Also, Proposition 24 may be the first California ballot measure to get its own rap:
Proposition 24 has some surprising pro-privacy opponents. The Electronic Frontier Foundation, which advocates for digital civil rights, doesn’t support it (it doesn’t oppose it, either, calling the law a “mixed bag of partial steps forwards and backwards”) and the American Civil Liberties Union is firmly against it. One big reason: The initiative would allow businesses to charge users who opt out of having their data sold or shared more, making privacy rights less accessible to people with lower incomes.
One thing the proposition’s supporters and opponents seem to agree on is that CCPA was a good first step, but a law with a lot of room for improvement. Now we’ll find out what a second step might look like.
California Proposition 24
A yes vote would close some loopholes in California’s data privacy law. It would also establish and fund a new state agency to enforce privacy law.
A no vote would mean no extra protections would be added to California’s data privacy law.