On the News

New Cyber Privacy Protections in California, Michigan Get Mixed Reviews

Passage of two ballot measures concerning privacy in California and Michigan has set the stage for increased privacy laws in the rest of the country, according to Wired.

Proposition 24 in California created new privacy provisions through the California Privacy Rights Act (CPRA). The new law regulates data that’s shared, sold or monetized, and allows people to choose whether or not to opt out of having their data collected. Users can also opt out of website tracking, either selectively or with a “global opt-out.”

Some critics however say there are too many shortcomings in the measure to make it effective.

Another significant part of CPRA created a new category of Sensitive Personal Information (SPI) that includes a person’s sexuality, religion, race or health. Businesses are required to disclose when they plan to use SPI, to which a consumer can choose to not have their SPI collected or sold.

Proposition 24 filled some of the loopholes left by the California Consumer Privacy Act, which allowed for data collection without consent of the users but still “let Facebook, Google and hordes of anonymous data brokers avoid regulation,” Wired said.

Even though privacy is often regarded as positive, especially after so many problems with the CCPA, advocates claim that Prop 24 still doesn’t meet the mark for what people need.

For one, it won’t go into effect until 2023, and businesses that make less than $25 million in revenue are exempt from the law.

Advocates also worry that the law will incentivize data sharing for those who are disadvantaged, creating a “pay for privacysituation.

“Prop 24 threatens to make privacy a luxury available only for the most privileged Californians,” says Jacob Snow and Chris Conley in ACLU’s Northern California blog.

“By forcing Californians to opt-out and potentially pay for their privacy, it places the burden of privacy on the individual, a load those in working families and marginalized communities cannot bear.”

ACLU California did not endorse Proposition 24, saying that it was a fake privacy law.

“Instead of increasing protections, it requires people to jump through more hoops and adds anti-privacy loopholes for big business,” according to the ACLU website.

Proposition 24 was passed with over 55 percent support.

Michigan also passed a new privacy law, Proposal 2, which requires law enforcement to obtain search warrants before they are allowed to seize someone’s electronic data.

The law would give people the same protection for their digital information that their home gets from a search and seizure in the situation of an arrest.

“If government agents need a search warrant to enter our homes and search through our closets and the papers locked in desk drawers, the same sort of due process should be required if they want to go rifling through electronic data that can be every bit as revealing,” said Merissa Kovach, the policy strategist for ACLU Michigan, the Detroit Free Press reported.

According to Wired, the proposition was introduced after Michigan State Police used Stingrays, which are cell tower-like devices that can transmit a phone’s location or a person’s identity.

Proposal 2 was supported by both ACLU Michigan and the Michigan Association of Police Chiefs. It passed with nearly 90 percent support.

According to the Wired article, the fact that the ACLU disagreed with a privacy law while the police agreed with one means that things are changing in how the nation is viewing privacy.

Privacy in the post-2020 landscape will be odd, iterative, surprisingly bipartisan, and very complicated,” said Wired.

Emily Riley is a justice reporting intern with TCR.