Legislation creating the nation’s first state-level Office of Privacy Protection was signed into law Monday by Democratic California Governor Gray Davis.
Slated to become operational on Jan. 1, 2002, it was established as a unit of the Department of Consumer Affairs by the legislature last month when it passed a watered-down Personal Information and Privacy Protection Act (SB-129), sponsored by State Senator Steve Peace.
Originally the measure would have established California as the first state in the nation to enact European-style privacy protections. It would have required information gatherers, list companies direct marketers, banks and other financial institutions to obtain a person’s written permission before they could share their information with third parties.
It also would have created a statewide privacy ombudsman to serve as a “non-binding arbiter of disputes” between individuals and information gatherers over unauthorized personal information disclosures.
After debating the measure for more than a year, lawmakers agreed to eliminate the opt-in provision in order to win the praise of the Direct Marketing Association for recognizing that both the tradition of offering consumers a chance to opt-out form having their personal information shared with third parties and that the self-regulation polices of both the DMA and the direct marketing industry are working.
After signing that measure into law, Governor Davis vetoed a bill that would have prohibited businesses in the state from secretly monitoring the e-mails and other computer records of their employees.
In his veto message to the legislature, the governor said “this bill places unnecessary and complicating obligations on employers and may likely lead to litigation by affected employees over whether the required notice was provided,” read and understood by an employee.
The bill’s sponsor, State Senator Debra Bowen, said in a statement that she “fundamentally disagree[d] with the Governor’s rationale” adding that ‘just because employers own the computers and pay for the Internet access doesn’t mean they have the right to spy on their workers, especially when they give employees computer passwords that create an expectation of privacy.”
Bowen said her legislation “would have taken the basic privacy protections that apply to phone calls and extended them to cover e-mail.”
Network
