this post was submitted on 11 Oct 2023
733 points (98.8% liked)

Privacy

31975 readers
233 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

The new bill reinforces that all data brokers must register with the California privacy protection agency, and it requires the CPPA to establish an easy and free way for Californians to request that all data brokers in the state delete their data through a single page, regardless of how they acquired that information. If data brokers don’t comply with these rules, the bill stipulates they be fined or otherwise penalized.

Hopefully this becomes the standard nation wide. Having a single page where you can delete your accounts on multiple services with a single click sounds like a data privacy dream.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 51 points 1 year ago (3 children)

an easy and free way for Californians to request that all data brokers in the state

So what about data brokers not in the state, or even in the US? CA brokers could just reincorporate in another state, no? That is, the ones not incorporated in Delaware like many US companies.

[–] [email protected] 36 points 1 year ago* (last edited 1 year ago) (1 children)

Most of the big tech data barons are incorporated in California, and its not an easy thing to "up and move" corporations with 100s of billions of assests.

It will be easier, much easier, for them to comply, especially as seeing Delaware is also a liberal state, and very well may pass the same law at some point.

[–] [email protected] 1 points 1 year ago (3 children)

Can they just move the assets out to some random far-away jurisdiction? Say "we collect the data, but we actually sell it to this company in Panama and they have it, so we can't give it to you".

[–] [email protected] 3 points 1 year ago

Ah yes, the old parent company with a sole employee and it's address is a basement in a country where the laws they want to avoid don't apply.

[–] [email protected] 1 points 1 year ago

They could make it mandatory to store Californians' personal data in California. I think that's what EU requires? Then they can threaten them with closing their business in California if they don't comply.

[–] [email protected] 9 points 1 year ago

the full sentence you’re quoting is

The new bill reinforces that all data brokers must register with the California privacy protection agency, and it requires the CPPA to establish an easy and free way for Californians to request that all data brokers in the state delete their data through a single page, regardless of how they acquired that information.

i’m not a lawyer, but it seems to me that it’s saying the new bill would require data brokers to register with the CPPA in order to operate in california (regardless of where the companies are based). then, this registration process would force them to comply with the “delete their data through a single page” process (or pay a fine).

the rest of this article seems to support this interpretation.

[–] [email protected] 3 points 1 year ago

The way laws usually work is (gross oversimplification):-

Different state, same country - they have to follow this rule when dealing with customers from California.

Different country - they can break the law, but then California / US can sanction them (i.e. no US-based company can directly do business with them)

There are workarounds to both but 99% of companies will just comply, at least on paper.