On the forefront of data privacy law, California’s governor has signed a first-of-its-kind legislation that tightens regulations on data brokers, a move that necessitates such entities to expunge personal data requested by the consumer. Hitherto, data brokers have excelled in the practice of aggregating personal or business-related data—notably from public records, yet sometimes sourced privately—before merchandising or licensing such information to third parties for an array of applications.
This newly enacted California law, formally identified as Senate Bill 362, endows Californian residents with the power to have all personal data withdrawn by data brokers, signifying a key evolution in privacy rights within the digital sphere.
Significant procedural clarifications are needed as these changes are implemented and data brokers will be forced to navigate a largely unchartered sphere of privacy law. For corporations and law firms, attention should be directed at elucidating and understanding these regulations to remain compliant, and ensuring client data is managed in line with these new standards. Full coverage and analysis of the new law can be found at JD Supra.
Although the specific response of the data broker industry to this new legislation remains to be seen, the potential for further such laws in a world increasingly focused on privacy marks California’s new law as a significant legal development.