Jerry Brown became California’s longest-serving governor earlier this month. But the state he governs now is drastically different than the one he first faced in 1975. That dynamic landscape is illustrated nowhere more clearly than in the blending and shifting of the borders between technology and individuals’ privacy rights.
For example, just three years before he began his first term Californians amended the state constitution to enshrine privacy as one of their fundamental rights.
Nicole Ozer of the ACLU noted that California lawmakers “have a long history of proactively addressing privacy issues.”
“This past year has been a really important year for new privacy legislation here in California,” she added.
But the measures that have been taken to protect that right this year are less philosophical and more technical — they are primarily practical laws related to the internet. It is clear that the California Brown now governs expands far beyond its borders into cyberspace.
“California lawmakers are in a good position and have a long history of proactively addressing privacy issues.”
For example, Brown signed SB 568 by Senate President Pro Tem Darrell Steinberg, D-Sacramento, which allows minors to retroactively delete content they post online. The prevalence of social media presents a complication to the issue of online privacy, however. Voluntarily sharing information online has become a part of daily life, presenting a complication to that commitment to privacy Californians made in 1972.
“For these people that are willingly or intentionally disclosing information, we want to tell them, number one, what information is being collected and, secondly, how information is being used,” said Assemblymember Ed Chau, D-Alhambra, who is chair of the Assembly’s Privacy Committee. “We need to make a determination as to where to draw the line.”
Chau emphasized that in his work legislating on privacy issues, it has been a balancing act between interests such as innovation, freedom of speech, national security, and the right to privacy.
“With regards to government privacy of public records and government data, legislating on that has not been very difficult,” said Lenny Goldberg, a lobbyist for the Privacy Rights Clearinghouse. “Where the difficulty lies is when you try to legislate with regard to the private sector.”
But this year has seen its share of privacy violations alongside those new privacy protections, even from public entities, including cases like the NSA scandal in which the government infringed on those privacy rights rather than protecting from them.
“You have all kinds of information about your private life that is floating around and is subject to being seen and scrutinized by not only government officials but private entities,” said Jim Ewert, general counsel for the California Newspaper Publishers Association.
The National Security Agency scandals have left Americans wondering what kind of privacy they can really expect in a world where information is shared through a public system in which data is never really gone.
California may be one of the first states trying to answer that question.
“California has sort of been on the vanguard,” said Nicole Ozer, Technology and Civil Liberties Policy Director for the Northern California ACLU. “California lawmakers are in a good position and have a long history of proactively addressing privacy issues.”
According to Ozer and Chau, transparency about content and uses for information collected online is a major approach used in legislation to protect citizens’ privacy rights.
Gov. Brown signed AB 370, which requires entities to disclose how they respond to consumers’ “do not track” requests, as well as SB 46, which beefs up requirements for disclosure about the collection of personal information, particularly when there is a breach. Chau himself authored AB 242, a two-year bill that aims to make internet privacy policies more accessible and comprehensible.
But such laws have their limits in cases like those involving the NSA, when the government itself was in violation of those principles of transparency.
Some bills characterize those anxieties. For example, Gov. Brown vetoed SB 467 by Senator Mark Leno, D-San Francisco, which would have require law enforcement to obtain a warrant in order to access private email and social media messages.
Steve Peace, a former Finance Director and state senator from San Diego, recently dropped his efforts for a November 2014 ballot initiative that would have made identifiable information shared with commercial or government entities implicitly confidential.
Ewert added that despite California’s notably strong shield laws, government interference, like the controversy that emerged when the US government tapped into the AP’s phone records, could limit press freedom as well.
“If the government can just ignore the law and simply spy or look at information that a reporter routinely gathers, then sources are not going to be willing to come forward,” he said.
And despite California’s commitment to privacy in that 1972 constitutional amendment, a more recent attempt at a ballot initiative reflects the limits to that Californian principle in a dynamic and digital world.
Steve Peace, a former Finance Director and state senator from San Diego, recently dropped his efforts for a November 2014 ballot initiative that would have made identifiable information shared with commercial or government entities implicitly confidential. The initiative’s death knell was the Legislative Analyst’s Office report that argued it would cost too much in enforcement and potential litigation.
The debate that eventually killed the initiative raises important questions about the capacity to enforce legislation on the internet, both the fiscal sense as discussed in the LAO report and the logistical practicality. Any regulation the state places over online entities could extend beyond the state’s borders, forcing global compliance, which could be costly.
“The law already acknowledges that it’s imperfect,” said Professor Deidre Mulligan, the Faculty Director at Berkeley’s Center for Law and Technology. She compared the state’s ability to enforce regulation of the internet to speeding laws, which are likewise imperfectly enforced.
“We always face complexities with respect to enforcement,” she added. “I’m not trying to suggest that the internet and networks that are global don’t present some questions.”