There is never a dull moment in the world of privacy policy. An online presence is fundamental to commerce and entertainment in our society and throughout the world, but along with it comes conflict and controversy. Now, a new uncertainty looms on the horizon.
The passage of Proposition 24 brings the creation of the first-ever California Privacy Protection Agency (CPPA), an independent regulatory and enforcement body vested with full administrative power, authority, and jurisdiction to implement and enforce the California Consumer Privacy Act and the newly enacted California Privacy Rights Act of 2020.
Aside from the Federal Trade Commission, which has been the chief federal agency on privacy policy and enforcement since the 1970s, this will be the first privacy agency of its kind in the United States, and the first state-level agency that is dedicated to privacy policy and enforcement.
An Example or a Warning
Being the first dedicated privacy agency in the United States, the inaugural board of this new agency will exert great influence over privacy policy and enforcement into the future. This influence will bleed beyond California’s borders, serving as either a model, or a warning, for jurisdictions looking to follow suit.
The CPPA will be governed by a five-member board, including one chairperson. The Governor will appoint the chairperson and one member; and each of the three remaining seats will be appointed by the Attorney General, Senate Rules Committee, and Speaker of the Assembly, respectively.
The World Watches
The world is watching to see what CPPA’s inaugural board looks like, whether it will be inclusive of diverse stakeholder input, whether it will have the ability to empathize with the businesses and economics of the real world, and whether the appointments will be made on fact-based inquiries about qualifications, experience, and merits.
The fear, however, is that the board will be made up of zealots, activists, and academics who are disconnected from the real world and apathetic toward the struggles that business owners in California face on a daily basis. It is no secret that California privacy enforcement continued against businesses unabated throughout the pandemic.
Because of the great power and responsibility that the CPPA is vested with, it is important that the inaugural board be comprised of individuals who bring a balanced and inclusive approach to the position. Doing so could bring-much needed transparency and predictability to the world of privacy regulation.
This article appeared first as a Capitol Insider blog post.
