The California Privacy Rights Act officially cleared the threshold to make it into the November 2020 ballot last week. It was a bumpy road to certification, but
CPRA would create such an enforcer: the CalPPA. The CalPPA will be vested with full administrative power, authority and jurisdiction to implement and enforce CPRA. It will be funded initially with $5 million dollars (for 2020-2021) and $10 million in each following year. The CPRA provides for a progressive transfer of authority from the current regulator (the California Attorney General) to the CalPPA over time. The new agency will have the authority to audit business’s privacy practices and further develop CPRA by issuing regulations on a wide range of areas, including requiring annual audits and regular risk assessments for organizations that meet certain thresholds.
In the words of Alastair Mactaggart:
"Establishing a new authority to protect California privacy rights, was a key goal of CPRA. In order to ensure its independence, we modeled the structure of the agency after the California Fair Political Practices Commission. The agency will be governed by a five-member board (with the Chair and one member appointed by the Governor and the remaining members appointed by the attorney general, Senate Rules Committee and speaker of the Assembly.) We expect the new agency to not only vigorously pursue enforcement that ensures consumers get back control over their data, but also engage with the industry and provide guidelines and regulations in furtherance of CPRA.”
The key question that remains: What will California voters do come November?
It is always difficult to predict the outcome of an election. It is nearly impossible when the only available polls pre-date an unprecedented health crisis that has forced the California governor to declare a budget emergency and tap into the California rainy day fund. California anticipates a $54.3-billion budget deficit this year. Last month, the California governor laid out a grim revised budget plan that would slash state funding for education and other popular programs to make up for the yawning shortfall. Will Californians be ready to put $5 then $10 million dollars towards this agency? How will California residents feel about increased compliance costs for the thousands of medium and small businesses still fighting to survive after months of lock-down?
The proponents believe that the current crisis could work in their favor.
“Although it is true that the difficult economic situation we are in could raise concerns about investing in a new agency among California voters, it is also true that the pandemic is fueling voter concerns about intrusive data collection and unethical use of personal information leading to discrimination," said Mactaggart. "Also, we know from prior polls that Californians overwhelmingly support stronger protections with regards to children's data, which CPRA provides. Therefore, we are confident that come November, Californians will vote yes on CPRA.”
Photo by Vital Sinkevich on Unsplash
