Why it matters: Microsoft is one of the few tech giants that isn't in the business of hoarding user data. In a new move, the company will comply with a California privacy law throughout the US, after publicly calling for GDPR-like regulation of the entire tech industry.
The Redmond giant said in a statement released on Monday that it will honor the same "core rights" established by California's new digital privacy bill for every citizen in the United States.
The announcement was made by Julie Brill, who is Microsoft's chief privacy officer. She pledged the company will support the California Consumer Privacy Act and its provisions and "will provide effective transparency and control under the CCPA to all people in the US."
For those of you who are unfamiliar with it, the CCPA provides a strict set of rules that are designed to protect consumers and give them control and true ownership over their personal data. The bill will require companies to clearly disclose the ways they use a customer's data, the reasons for collecting it, as well as inform on what parts of it are shared with third parties.
Under the CCPA, consumers can also ask companies to have their data erased from their servers while being offered continued service if they want it. At the very least, they can ask for their data not to be sold to any third parties. The new bill will go into effect in January 2020, and makes it easier for consumers to sue after a data breach while the attorney general gets more authority to fine companies that break the rules.
Interestingly, tech giants like Google and Facebook who gobble enormous amounts of data weren't happy about CCPA but still lobbied for it to circumvent a ballot initiative that had been seeking even tougher privacy regulations. In a way, CCPA is similar to GDPR. However, it isn't nearly as broad and only targets companies that make most of their revenue from selling user data.
To put things in perspective, Microsoft is putting itself in a good position if CCPA is adopted more widely, and sending a strong message to consumers that it doesn't need to feed on their data in order to turn a profit. The law is still developing, so the requirements are likely to change. The biggest hurdle for regulators will be for Congress to come to a consensus on whether to allow states to have their own privacy law or craft national legislation that goes above and beyond.
In the meantime, a newly proposed privacy bill means executives like Mark Zuckerberg could end up in jail if their companies break the law. And while the chances of it being passed are anyone's guess, at least that's not the only effort in that direction. A broad antitrust probe is currently looking in every big tech company's closet, and chances are lawmakers will not like what they find.