Companies Must Tell Customers What They Are Doing with their Data

Consumer transactions are no longer as simple as exchanging goods for cash. Even mom-and-pop shops are trying to harvest as much information as possible to bring back customers and target successful demographics. Without realizing it, we as consumers leave behind a trail of personal information wherever we go. The state of California has decided that you should know what information you’re giving away and what companies are doing with it.

fingerprint4.4The Right to Know Act was proposed to the California legislature in mid-February and looks to modernize the Civil Code’s privacy section:

A business that has a customer’s personal information and discloses that personal information to a third party shall make the following information available to the customer free of charge: (A) All personal information that was disclosed… (B) The names and contact information of all of the third parties that received personal information from the business.

The EFF breaks it down to show that any company can comply with this – from tech giants in Silicon Valley to three person start-ups working in their mom’s basement. So what’s a business to do?

Their first solution is easy: If you don’t think you can handle telling consumers what data you’re storing and who you’re sharing it with, don’t store data or share it with anyone. Other options include disclosing what information you take at the time of purchase or sending out individual data information once a year. Technically, consumers can only request this data from companies once every 12 months. Pick your poison, but whichever drink you choose, customers must know exactly what data you’re storing and what you’re doing with it.

muricaWhile it’s easy to sell this law as bringing more freedom to consumers in the land of the free and home of the brave, we’re actually just following Europe. The EU is on top of their Internet privacy laws and has been fighting tooth and nail to protect their citizens before tech companies grow too big in their abuse of power. CNET noted that it took a US state an entire year to draft a consumer data transparency law after Europe did.

It’s this European way of thinking that caused California lawmakers to draft the legislation. They’re not worried about small bakeries trying to build an email list for their newsletters; they’re worried about the Googles and Facebooks of the world. Every week Google is in the news for privacy issues and they make no secret of the fact that they collect your data and store it indefinitely. Note: this law doesn’t mean companies can’t keep storing and selling information, they just have to tell customers what they’re doing with it.

As California is the hub of the tech industry, the probability that laws follow in other states is high. Because the Internet is so universal it’s easy to forget that individual countries and states can make legislation against monsters like Twitter. The rest of America will have to sit and wait while businesses slowly drain and spread their personal information all across cyberspace.

About the author

Amanda Dodge