New legislators must strengthen California privacy rights now

The California State Capitol.
The California State Capitol. Los Angeles Times/TNS

The nation’s richest tech companies are trying to weaken a new law that gives Californians more control over their data and privacy online. Legislators who are taking an oath today to protect the state Constitution’s values of “safety, happiness, and privacy” must stop them.

People should be able to find out what data companies are collecting on them and should be able to control what happens to their information, especially if companies are selling it. The California Consumer Privacy Act, passed last year on a unanimous vote, provides those basic protections, with special provisions for children.

The Internet Association, a lobbying outfit that represents companies like Twitter, Snapchat, Google and Facebook, is working to change the law before it goes into effect in 2020.


The group, known for its aggressive attempts to fight consumer protections, has tried to label California’s landmark law a “draft” while casting its language as overly broad and innovation-stifling.

The big tech companies want business as usual, protecting practices that led to Facebook’s targeted political advertising scandal and the breach of Marriott customer data.

James Steyer

The companies have shown the lengths they will go to protect the status quo, as shown in New York Times reporting that Facebook hired a public relations firm to attack its critics and competitors, including targeting lawmakers with a mix of threats, promises, and goodies. Even after damaging our democracy, the company continued to “delay, deny, and deflect” its responsibility.

The Internet Association is targeting California’s law not only at the state level, but is lobbying federal agencies to write a privacy law that would supersede California’s and give companies more control over digital information, the New York Times reported.

We all need stronger privacy protections online. It really is a national crisis, and that is why so many Americans are counting on California to stand up for our landmark law, which could become a model for other states.

So where does this leave us? Back at the California Legislature.

Despite all the mud and lobbying dollars the internet companies can throw around, the Legislature still has a very clear path to protecting our privacy online.

First, we must make sure the California Attorney General’s Office has the resources to protect our rights online. The California Consumer Privacy Act gives the office real new responsibilities for protecting our privacy, and we have to make sure it has the ability to do so. If the attorney general does not get what he needs, the bill must be amended so that consumers can sue on their own behalf to defend their privacy rights.

Second, we need to expand and strengthen the Consumer Privacy Act to cover all the situations where families are taken advantage of online. The law protects us when our data is sold from one company to another, but industry lobbyists fought furiously to give companies leeway over how they use consumer data internally — even when using it to target kids.

Polls show 94 percent of Americans value their privacy. They want stronger privacy rights online now, and we expect new legislators will hear this appeal and act on it.

James P. Steyer is the CEO of Common Sense, a nonprofit focused on media and technology issues surrounding children. He may be reached at