By Michael Belote, Esq., California Advocates
Of all the issues pending in Sacramento, including wildfires, immigration, health care reform, taxation, housing water, and many more, perhaps no issue commands more attention than the broad subject of data. Policymakers increasingly are aware of the monetization of information, and there are literally dozens of bills proposing increased regulation of the collection, use and sharing of data.
California is now less than seven months from the implementation date of the California Consumer Privacy Act, or CCPA. The California law represents arguably the world’s most expansive privacy law, spawning proposals in other states and even discussion in Washington, D.C. of the possibility of a uniform national privacy law. Despite the wishes of some, CCPA is not going away and will not be delayed, becoming effective on January 1, 2020.
And CCPA is a bit of a moving target. When the privacy package of AB 375 and SB 1121 were enacted last year, the Legislature wisely delayed the effective date by one year, providing time to refine the law in this incredibly complicated area during 2019. There are a number of bills pending which, depending upon your point of view, either accomplish common-sense clarifications of CCPA, or retreat from important protections provided to consumers. The bills involve such diverse areas as loyalty programs (think airline miles), fraud prevention, smart speakers, facial recognition programs, automobile data, and more.
The most important of the privacy bills is AB 25 (Chau), the main clean-up bill of the privacy package last year. Right now the bill contains a number of practical, but important clarifications, such as establishing that employees are not “consumers” for purposes of CCPA, preventing employees from, for example, demanding deletion of their personnel files. But every word of the clean-up bills is being scrutinized by business to make sure that businesses are not exposed to new liabilities, and by consumer groups, to make sure that consumers do not lose protections granted by last year’s laws.
We do not expect to see changes in the basic rules of who is covered by CCPA. Clearly any business with $25M or more in gross annual revenue is covered, but the other two criteria are more subtle. Businesses who derive more than 50% or more of their revenue from selling personally-identifiable information, or who receive, buy, share or sell information from 50,000 or more consumers are also covered. Clearly while not all UTA member companies will qualify, a number of them will, and these companies must begin putting in place the procedures necessary to comply with the law in January.
At the same time that mega-issues like privacy, housing and wildfires are pending, the less glamorous day to day work of legislating continues. There are bills pending which increase regulation of small dollar loans, which potentially could affect certain niche areas of real estate lending.
UTA also has a sponsored bill for 2019, SB 306 (Morrell). The bill builds upon laws enacted in Arizona and elsewhere which create an express ability for trustees to withdraw or resign as trustee. The bill, although low-key, has attracted a fair amount of attention from lender and title organizations, and we are working with these groups on the practical aspects of notice and recording of resignations. Some times the practical, technical bills require as much effort as the big, high-profile issues!
As we head into the second half of the legislative year, it also is becoming clear which bills are not likely to pass this year. Online notarizations, for example, are growing in other states and no doubt will someday come to California, but the bill permitting this authority will not pass in 2019. So too with bills to expand the property tax postponement program. And the bill to extend sales tax to services, while still very much a priority for the author, Senator Bob Hertzberg from the San Fernando Valley, is very unlikely to move this year.