California is quietly hurtling toward becoming a model for how not to establish privacy policy. It’s time to pull back the curtain on a newly created regulatory agency’s dangerously costly and confusing proposals, and shout out what everyday Californians stand to lose if these programs proceed. The public should be privy to the policy-shaping actions of the California Privacy Protection Agency (CPPA) because they place all businesses and consumers at risk, while doing little to advance the stated goal of protecting personal information.
The CPPA recently completed its first set of public hearings and was met with a loud cry from the business community, including diverse members of the Los Angeles County Business Federation (BizFed) representing job creators of all sizes and across all sectors.
Employers will have to choose between using resources to fill jobs and requirements to divert funds toward CCPA and California Privacy Rights Act (CPRA) compliance. The California Attorney General’s own study estimated initial compliance costs would be $55 billion dollars – an amount that does not include costs for new regulations issued by the CPPA. As compliance costs climb, many businesses have no choice but to pass costs on to consumers.
Small enterprise – the backbone of our economy – will be disproportionately hurt. Small business owners and their customers depend on free services that could disappear if the expansion of CPPA’s regulatory program continues unchecked. The agency could ultimately force companies to charge for these services. It could also limit digital advertising or render it less effective, decimating the tool that has empowered small business to compete with giants such as Walmart, Target and Amazon.
The ongoing demonization of technology employers will only prompt more companies and residents to exit California for states more hospitable to talent, innovation and tenacity. We cannot afford the compliance costs or the accelerated brain drain.
Overregulating the use of anonymous data will affect all Californians’ daily lives. For example, toll booths use information to expedite traffic through bridges and other toll areas, grocery stores keep the right goods stocked by knowing the consumer buying habits and location services empower users to avoid traffic congestion. The CPPA needs to balance legitimate concern around the release of personal information with the public’s need for data-dependent services.
Privacy regulations are also mired in confusing definitions and legalese that make it unclear, even to experts, which businesses are covered, who can opt out, and when data can be used for targeted advertising, among other intricacies. A recent survey found 90% of California companies are unprepared for CCPA compliance. Laws that cannot be complied with should not be passed. Agencies that cannot regulate effectively should not be created.
Related Articles
Reinsertion of U.S. troops in Somalia is unlikely to produce a better outcome
Eric Garcetti’s ambassadorship nomination should be axed
The mayor’s parents pull a few strings
Democrats’ midterm prospects are already bleak – but they could get worse
No more: Political Cartoons
To be clear, BizFed and local business leaders are not broadly opposed to government regulation – only rules and systems that are counterproductive or impossible to enforce. In this case, both evils are true.
Rather than cleaning up the mess that has been created by an overdose of unnecessary regulations, the CPPA has announced its intention to expand the regulatory effort and create even more costs and confusion.
Gov. Gavin Newsom and the Legislature must step in and take corrective action. They cannot separate themselves from the CCPA because they helped create the agency through their earlier legislative actions, support for the initiative and appointment of members to the CCPA Board. They own the process and the results, and they owe it to all Californians to get this right.
Tracy Hernandez is CEO of the Los Angeles County Business Federation (LA BizFed).