California Weighs Tough Rules For Data Brokers

Right To Know Act would allow state residents to see full reports from any website, mobile app or data broker who collects personal data about them.

What personal information about you is being bought, sold or shared by online advertisers, data brokers or anyone else who handles consumer data?
A proposed California state law, The Right to Know Act (AB 1291), would give consumers the right to receive -- for free -- a copy of all personal data being stored about them by a data broker, website or mobile app provider, as well as a list of all third parties with which that information has been shared.
According to a current
draft of the legislation
, which was proposed by California State Assembly member
Bonnie Lowenthal
, the bill would require any business that has a customers personal information, as defined, to provide at no charge, within 30 days of the customers specified request, a copy of that information to the customer as well as the names and contact information for all 3rd parties with which the business has shared the information during the previous 12 months, regardless of any business relationship with the customer.
According to the American Civil Liberties Union of Northern California, which is
backing the legislation
, the bill would modernize current privacy law and give Californians an effective tool to monitor how personal information, including about health, finances, your location, politics, religious, sexual orientation, buying habits and more, is being collected and disclosed in unexpected and potentially harmful ways.
[ Are you willing to trade privacy for a GPS-style map of the mall? See
Indoor Location Tracking Has Lost Common Sense
. ]
California law already mandates that state residents be allowed to ascertain how some types of personal information about them are being collected. But this law, which focuses on direct marketing, has been outpaced by rapid changes in technology and data collection and sharing practices, according to a
letter written by EFF senior staff attorney Lee Tien
in support of the bill.
Lowenthals law would expand current protections to cover all online and offline information collected and stored by websites, mobile apps and data brokers, including location data. This law is about transparency and access, not new restrictions on data sharing, said Rainey Reitman, the EFFs activism director, in a
blog post
. The proposed law wouldnt limit or restrict sales of data, and it wouldnt provide additional security measures for how data is stored or new requirements for anonymization. While those are all important issues to consider, the law is actually far more basic. It helps consumers, regulators, policymakers and the world at large shine a light onto the largely hidden, highly lucrative world of the personal data economy.
Whats the concern with
consumer data collection
? By some estimates, data brokers now maintain reports on
500 million consumers
, and that data can be combined in sometimes unexpected ways to give advertisers and marketers insights that a person would rather remain private. One oft-repeated example hails from a 2012
New York Times
story
, in which a statistician working for Target -- who was later instructed to stop talking to the
Times
reporter -- detailed how the retailer could use peoples shopping patterns to ascertain when website visitors were most likely pregnant, for the purpose of enticing them to purchase baby-related products.
To date, data brokers have
resisted requests from Congress
to detail which types of information theyre collecting, storing and sharing on consumers, defending their lack of disclosure by citing, in part,
non-disclosure agreements with other businesses
and their need to protect trade secrets.
But Reitman suggested affected companies would have little difficulty complying with Lowenthals proposed
information disclosure requirement
bill. This law mimics the rights of data access already available to users in Europe, which means that most of the big tech companies should already have systems in place to facilitate user access, she said.
Regardless, consumer rights groups have long recommended that people who are worried about having their personal information tracked should
beware what they share
via Facebook, Twitter, blogs or other online forums, as well as participating in telephone surveys and other mechanisms used for collecting consumer data for marketing purposes.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
California Weighs Tough Rules For Data Brokers