IVN News

Privacy Summit Brings Legislators and Advocates to Round Table

California Manufacturing and Technology Association Executive Director Jack Stewart moderated a 4 hour round table discussion at Sacramento’s Citizen Hotel on Wednesday. The event was hosted by the Independent Voter Project and featured a welcome video message from Congressman Eric Swalwell, member of the Committee on Science, Space and Technology and the Committee on Homeland Security. Also in attendance was Assemblymember Calderon, Chair of the Arts, Entertainment, Sports, Tourism and Internet Media Committee, Assemblymember Brown, member of the Committee on Rules, Assemblymember Gray, Chair of the Joint Legislative Audit Committee, Assemblymember Nestande, and Assemblymember Ed Chau, Chair of the Select Committee on Privacy.

Privacy advocates, including representatives from the ACLU, Privacy Rights Clearing House, and the California Trial Attorneys, along with representatives from tech, manufacturing, retail, and other industries debated the complex issue, including issues related to a proposed Constitutional amendment concerning privacy. The Amendment was submitted last month to the Attorney General by former State Senator and Finance Director Steve Peace and former trial attorney, poet, and photographer Michael Thorsnes.

Peace and Thorsnes revealed at the meeting that they intended to make further amendments to the proposal before taking it to the public for signatures. “I know this is complex. We are going to take the time to do it right,” Peace said.

The discussion focused on (1) why California is uniquely situated to pave the way for national privacy policy; (2) the difference between a “law” and a Constitutional Amendment; (3) suggestions for policy implementation, and (4) critiques of the California Personal Privacy Initiative provisions.

(1) California, home to the most vibrant tech industry in the country – and arguably the world – has become a national leader in privacy policy. With a rich history of introducing privacy legislation and consumer protection laws, California recognizes the impact of privacy concerns on their most valued industry, placing the state in a unique position to frame the debate in Washington.

California’s standard for privacy in the banking industry under the Financial Information Privacy Act (“SB1”), for instance, became the national standard by way of voluntary compliance by those doing business in and outside of California.

Further, California is a uniquely privacy-conscious state. It is one of only a hand-full of states with a constitutional right to privacy that applies to government and private intrusion. (Article 1, Section 1, California Constitution, amended in 1972).

Industry representatives in attendance were generally cautious in their comments, emphasizing the complexity of the issue, while privacy advocate groups touted California’s potential to play a leading role in the growing privacy debate.

While attendants engaged in a healthy debate on the proposed initiative, there was a general consensus that California is the right place to start shaping legislation on consumer privacy protection online.

(2) The California Personal Privacy Initiative is a constitutional amendment, not a statutory law. 

Unlike statutory law, which tends to deal with specifics, a Constitutional Amendment works as a statement of principles. In that respect, Constitutional laws work to guide court decisions and shape future legislation, rather than to provide specific requirements. An almost universal consensus from the group was that privacy policy is complex, esoteric, and has the potential to negatively impact the growth of business, especially in a state that is home to the tech industry. Therefore, Constitutional principles must be broad enough to cover privacy as it relates to several areas of our lives, but narrow enough not to trump or impede legitimate and promising business and technology.

(3) Privacy advocates and legislators have already started discussing solutions. A key theme of IVP’s Privacy Summit was child protection and the consequences associated with posting inappropriate content on social media sites.

“Don’t ban technology, ban inappropriate use of technology,” Roxanne Gould cautioned and instead suggested an education plan to prepare consumers, and more importantly younger generations of Internet users.

“Kids today think they are made of the most powerful penetrable shields,” she continued, citing the heightened risks of inappropriate conduct to be misconstrued in the age of Facebook and Twitter. 

Legislators have already set out to address this concern, with proposed protections including a bill to allow minors to retract statements made online and Senate Bill 225, introduced by Senator Cannella to criminalize “revenge porn,” or the posting of nude or sexually explicit photos of someone else online.

An attendee offered the suggestion that an educational program like D.A.R.E. be included as part of high school curriculum, which could educate students on the long-term consequences of sharing too much information online.

Solutions rooted in transparency and consumer choice were also discussed, such as requiring more transparent opt-in privacy disclosures.

(4) Striking a balance between consumer privacy and public safety, however, does not come without criticism. Some policymakers, for instance, suggested that more research and education was necessary before they could enact informed legislation, because many data collecting and sharing technologies are so new that we don’t adequately understand them.

“There have been 25 privacy bills introduced in California this year alone,” Assemblymember Ian Calderon noted, warning that any additional legislation could be premature.

Concerns about enforcement also surfaced, with both Assemblymember Brown and a representative from Google questioning how any law can adequately balance the need to protect privacy while respecting competing interests such as public safety and free speech. As a corollary to that concern, other panelists warned that the initiative could be left without “teeth” because most of those who would be liable under its privacy protections would hide behind the exceptions for unauthorized disclosure carved out of the initiative for such competing interests.

The answers to these questions are complex and constantly evolving, and while no resolution was reached as to how best to protect personal privacy and data online, the debate has begun.

Privacy rights will be the civil rights battle of the 21st century, concluded Steve Peace, former State Senator and co-author of the California Personal Privacy Initiative. But the difficulty in dealing with the issue of privacy starts at the beginning: in its definition. Privacy means a lot of different things to a lot of people. Some argue that privacy does not even exist online and we just need to accept that. Others argue that information collectors should not ever disclose personal information to a third party without authorization.

Whether privacy is ever defined legally, the purpose of the summit was less ambitious. An open and honest discussion of principles between privacy advocates, industry representatives, legislators, and private citizens.

How do you define privacy?