New California privacy law restricts sharing of biometrics and other personal data
California legislators have headed off tough proposed privacy legislation by unanimously passing the California Consumer Privacy Act of 2018 9 (CCPA), Internet of Business reports.
The Act, which is scheduled to come into force in 2020, was lobbied against by companies including Facebook, Google, Comcast, AT&T, and Verizon, and could dramatically change the collection and commercialization of consumer data by companies in the state.
A petition signed by more than 600,000 people had proposed even tougher measures, and had a deadline for withdrawal which forced the legislators to put the Act to a vote. The Internet of Business reports that because of California’s immense size, its status as home to many of the world’s largest tech companies, and the cost and difficulty of setting up different privacy rules could make the CCPA a de facto national U.S. standard for sharing data with third parties.
The legislation puts rules into place governing the transparency of the collection, sharing, and sale of personal information, which is defined as including biometrics, geolocation data, internet browsing history, and a range of identifiers. Since it was first proposed in 2017, the legislation has been changed to allow companies to provide different levels of service based on different degrees of customer interaction.
With GDPR coming into force in Europe in May, Microsoft has extended the same privacy safeguards used in Europe to customers globally, and Apple is poised to do the same.