Microsoft says it will honor California's digital privacy law throughout the U.S.

[nanoguy]

Why it matters: Microsoft is one of the few tech giants that isn't in the business of hoarding user data. In a new move, the company will comply with a California privacy law throughout the US, after publicly calling for GDPR-like regulation of the entire tech industry.

The Redmond giant said in a statement released on Monday that it will honor the same "core rights" established by California's new digital privacy bill for every citizen in the United States.

The announcement was made by Julie Brill, who is Microsoft's chief privacy officer. She pledged the company will support the California Consumer Privacy Act and its provisions and "will provide effective transparency and control under the CCPA to all people in the US."

For those of you who are unfamiliar with it, the CCPA provides a strict set of rules that are designed to protect consumers and give them control and true ownership over their personal data. The bill will require companies to clearly disclose the ways they use a customer's data, the reasons for collecting it, as well as inform on what parts of it are shared with third parties.

Under the CCPA, consumers can also ask companies to have their data erased from their servers while being offered continued service if they want it. At the very least, they can ask for their data not to be sold to any third parties. The new bill will go into effect in January 2020, and makes it easier for consumers to sue after a data breach while the attorney general gets more authority to fine companies that break the rules.

Interestingly, tech giants like Google and Facebook who gobble enormous amounts of data weren't happy about CCPA but still lobbied for it to circumvent a ballot initiative that had been seeking even tougher privacy regulations. In a way, CCPA is similar to GDPR. However, it isn't nearly as broad and only targets companies that make most of their revenue from selling user data.

To put things in perspective, Microsoft is putting itself in a good position if CCPA is adopted more widely, and sending a strong message to consumers that it doesn't need to feed on their data in order to turn a profit. The law is still developing, so the requirements are likely to change. The biggest hurdle for regulators will be for Congress to come to a consensus on whether to allow states to have their own privacy law or craft national legislation that goes above and beyond.

In the meantime, a newly proposed privacy bill means executives like Mark Zuckerberg could end up in jail if their companies break the law. And while the chances of it being passed are anyone's guess, at least that's not the only effort in that direction. A broad antitrust probe is currently looking in every big tech company's closet, and chances are lawmakers will not like what they find.

Permalink to story.

https://www.techspot.com/news/82723-microsoft-honor-california-digital-privacy-law-throughout-us.html

 

[Uncle Al]

Of course they don't need it NOW, they have already had it for years! But it's a good step that all of them need to put into practice .....

 

[Evernessince]

This bill won't mean much if the penalty for violation doesn't exceed the benefit of lying.

 

[mailpup]

This bill won't mean much if the penalty for violation doesn't exceed the benefit of lying.

A good point. Also, violations of the law and subsequent penalties would only apply to California if I understand this correctly. That is the only state that seems to have this law. Even if Microsoft applies a compliant policy across the US, it's only a policy not a law in other states. It seems to me, and I could be wrong, if Microsoft violates their new policy in other states, it's just an "oops" with no legal penalty. So by announcing this policy perhaps Microsoft hopes there will be reduced pressure to pass actual laws in the other 49 states and thus no real penalties if they screw up.

 

[Danny101]

"Microsoft is one of the few tech giants that isn't in the business of hoarding user data."

Somehow I don't feel better or confident about this promise.

 

[ShagnWagn]

Is this a statement that every executive would get behind, and if they break it, buy their own prison and put themselves in it? This may be enough for me to downgrade to Win10.

 

[Yynxs]

Unless the law reads "..the company must have opt-in permission in writing on a piece of paper from every consumer..." the California law(s) is/are worthless. The piece of paper allows the consumer to go to a courtroom and show the most clueless juror they did not sign to allow access to their personal life.

Equally, the fine for violating privacy should be specified, excessive and split between the individual and the government, with the government prosecuting. This gets the individual into the business of simply filing a complaint and the government in the legal business of protecting their rights; what it should be doing.

Finally, multiple violations, say 10 or more, are charged as felonies and include jail time in Kansas for the Executives, their staff, the developers and QA, and any contractors that allowed bypassing the paper rule. Nothing is going to change until these scum feel the wrath descending on their leaders and compliant followers and people start being afraid to write code that violates US citizens' rights.