Most of us go online every day, and big tech is watching our every move. They analyze our data and have used it to build the foundation of the internet economy. But the collection of our data can have devastating consequences. Hackers have stolen data from email providers and credit monitoring firms like Equifax. Facebook has been fined $5 billion for mishandling data that was exploited to influence the 2016 presidential election. Google recently struck a deal to collect data from health care company Ascension without notifying patients or doctors.
California became the first state in the country to take on the issue by giving people more control of their personal data with the California Consumer Privacy Act (CCPA), which comes online January 1. Cal Matters political reporter Laurel Rosenhall wrote about how the new privacy law will work.
“Your basic use of the internet won't really change very much, and the companies still have the ability and the right to do an enormous amount of data collection,” she says. “What is changing is what you have the power to request as a consumer in California. Starting on January 1, you have the power to request from a business all the data they have on you. They'll have to show you what they have, and then you will have the power to ask them to delete it.”
Californians can make that request up to two times per year, and even opt out of having your data collected. But it remains to be seen whether that will affect what you pay to access different websites.
“There is a provision in the law that allows businesses to charge you more for their services if you opt out of letting them sell your data, and we don't know yet how how widespread this will become if companies will use this aspect of the law,” Rosenhall says.
Rosenhall says that tech companies have accepted that consumers want more control of their data, but are taking this opportunity to push for nationwide standards of what that means.
“Where the real question lies is in Washington: whether or not Congress would come up with a nationwide data privacy law, whether the president would sign it, when it would take effect, and whether that would be a law that would override state laws or a law that would just cover the states that don't have their own laws,” she says. “And I have a feeling that none of those things would happen very quickly.”