The Price of Privacy

November 2018

Image: iStock

We thought we’d offer a break from all the U.S. elections coverage to focus on what some elected officials recently did in our area of expertise: privacy and cybersecurity. Several legislators have introduced consumer data protection laws, but so far only one major bill has passed at the state, versus federal, level.

Earlier this year, California legislators passed the nation’s most stringent consumer privacy law to date. It’s modeled in the image of the European Union’s sweeping General Data Protection Regulation (GDPR) that had us all receiving updated privacy policies and website cookie warnings since spring.

The California Consumer Privacy Protection Act of 2018 provides the state’s citizens more latitude in how their private data is used by tech companies that have long enjoyed unfettered access with low security controls. We all allow it to happen when we blindly accept those dense user agreements to download an app.

Beginning in 2020, California consumers will have the right to know what data companies have on them. They also can restrict that data’s use. Additionally, anyone under 16 must opt in to data sharing, rather than the current system of opting out.

This all sounds great if you are a consumer, but what if you are a company or content marketer that relies on tracking your customer’s activities in order to better serve them? How will tech behemoths like Facebook and Google continue to make money for investors if the scope and integrity of their data is diminished?

California lawmakers appear to have considered this too and added loopholes that could minimize the act’s reach. The new law also allows tech companies to charge more to users who opt out of sharing their private data. This, I believe, deserves more attention.

Almost half of all Americans are currently victims of data thieves. How do I know? Last year’s Equifax data heist impacted 148 million people, amounting to 44 percent of the entire U.S. population. My guess is the other 56 percent are either children or those rare individuals who never purchase anything like a car or house or groceries using credit. None of the victims ever opted in or out from having their private information shared with Equifax’s actual customers: lenders and others inquiring about someone’s creditworthiness.

I once was forced to live off cash and debit cards for two years after being the victim of identity theft. It was really hard. My household bottom line grew due to a major decline in purchases, but my credit score plunged.

The new California law is likely to be replicated in other states. It’s also likely to look differently by the time it is put into practice. There are always unintended consequences to anything we do or create, and no doubt consumers and companies (particularly small businesses) will pay a higher premium for controlling or preventing use of personally identifiable information. However, there also may be an upside not frequently discussed.

Much is now being made of how much time we spend online and particularly on our smartphones. Perhaps we’ll actually learn to wean ourselves from bad habits and addictive devices by removing some of the more invasive apps and guarding our privacy more. Who knows, maybe we’ll even come to embrace the low-tech lives of the past.

Thank you for reading this,

Anne Saita