California’s new privacy law is now in effect, allowing state residents to take better control of the data that’s collected on them — from social networks, banks, credit agencies and more.
There’s just one catch: the companies, many of which lobbied against the law, don’t make it easy.
California’s Consumer Privacy Act (CCPA) allows anyone who resides in the state to access and obtain copies of the data that companies store on them, and the right to delete that data and opt-out of companies selling or monetizing their data. It’s the biggest state-level overhaul of privacy rules in a generation. State regulators can impose fines and other sanctions for companies that violate the law — although, the law’s enforcement provisions do not take effect until July. That’s probably a good thing for companies, given most major tech giants operating in the state are not ready to comply with the law.
Just as companies did with Europe’s GDPR, many companies have sprung up new privacy policies in preparation, as well as new data portals, which allow consumers access to their data and to opt-out of their data being sold on to third-parties, such as advertisers. But good luck finding them. Most companies aren’t transparent about where their data portals are, often out of sight and buried in privacy policies, near-guaranteeing that nobody will find them.
Just two days into the new law, and some are already fixing it for the average Californian.
Damian Finol created a running directory of company pages that allow California residents to opt-out of their data being sold and request their information. The directory is updated frequently, and so far includes banks, retail giants, airlines, car rental services, gaming giants and cell companies — to name a few.
caprivacy.me is a simple directory of links to where California residents can tell companies not to sell their data, and request what data companies store on them (Screenshot: TechCrunch)
The project is still in its infancy, but relies on community contributions (and anyone can submit a suggestion), he said. In less than a day, it already racked up more than 80 links.
“I’m passionate about privacy and allowing people to declare what their personal privacy model is,” Finol told TechCrunch.
“I grew up queer in Latin America in the 1990s, so keeping private the truth about me was vital. Nowadays, I think of my LGBTQ siblings in places like the Middle East, where if their privacy is violated, they can face capital punishment,” he said, explaining his motivations behind the directory.
There’s no easy way — yet — to opt-out in one go. Anyone in California who wants to opt-out has to go through each link. But once it’s done, it’s done. Put on a pot of coffee and get started.