Bill Text


Bill PDF |Add To My Favorites | print page

AB-950 Consumer privacy protection.(2019-2020)

SHARE THIS: share this bill in Facebook share this bill in Twitter
Date Published: 02/20/2019 09:00 PM
AB950:v99#DOCUMENT


CALIFORNIA LEGISLATURE— 2019–2020 REGULAR SESSION

Assembly Bill
No. 950

Introduced by Assembly Member Levine

February 20, 2019

An act to add Sections 1798.91.01 and 1798.91.02 to the Civil Code, relating to consumers.


LEGISLATIVE COUNSEL'S DIGEST


AB 950, as introduced, Levine. Consumer privacy protection.
Existing law prohibits a business from requesting medical information directly from an individual regardless of whether the information pertains to the individual, and using, sharing, or otherwise disclosing that information for direct marketing purposes unless certain requirements are met, including that it disclose that it is obtaining the information to market or advertise products, goods, or services to the individual and that it obtain consent for the information to be used or shared for that purpose, as specified.
This bill would require a business that conducts business in California, and that collects a California resident’s consumer data, to disclose to the consumer the monetary value to the business of their consumer data by posting the average monetary value to the business of a consumer’s data, including that information in its privacy policy posted on its internet website, and also including in its privacy policy disclosure of any use of a consumer’s data that is not directly or exclusively related to the service that the consumer has contracted the business to provide, as specified. The bill would also require a business that conducts business in California, that collects a California resident’s consumer data, and that sells that data, to disclose to the consumer the average price it is paid for a consumer’s data and to disclose to the consumer the actual price it was paid for a consumer’s data upon receipt of a verifiable request for that information from the consumer.
This bill would also establish the Consumer Data Privacy Commission comprised of members of academia, civil society, and industry to provide guidance to the Legislature regarding appropriate metrics and methodology for determining the value of consumer data. The bill would require the commission to report its findings to the Legislature on or before January 1, 2021.
Vote: MAJORITY   Appropriation: NO   Fiscal Committee: YES   Local Program: NO  

The people of the State of California do enact as follows:


SECTION 1.

 Section 1798.91.01 is added to the Civil Code, immediately following Section 1798.91, to read:

1798.91.01.
 (a) A business that conducts business in California, that collects a California resident’s consumer data, shall disclose to the consumer the monetary value to the business of their consumer data by doing all of the following:
(1) Posting on its internet website the average monetary value to the business of a consumer’s data.
(2) Including in its privacy policy posted on its internet website in a section entitled “The Value of Your Data” the average monetary value to the business of a consumer’s data. This value shall be updated at least every 90 days and whenever the business’ terms of service or privacy policy change.
(3) Including in its privacy policy posted on its internet website, disclosure of any use of a consumer’s data that is not directly or exclusively related to the service that the consumer has contracted the business to provide. The business shall identify specific types or fields of personal information taken from the consumer data by reference to the categories set forth in subdivision (o) of Section 1798.140.
(b) (1) A business that conducts business in California, that collects a California resident’s consumer data, that sells that data, shall disclose to the consumer the average price it is paid for a consumer’s data.
(2) A business that conducts business in California, that collects a California resident’s consumer data, that sells that data, shall disclose to the consumer the actual price it was paid for the consumer’s data upon receipt of a verifiable request for that information from the consumer.
(c) For purposes of this section, “business” has the same meaning as in Section 1798.140.

SEC. 2.

 Section 1798.91.02 is added to the Civil Code, immediately following Section 1798.91.01, to read:

1798.91.02.
 (a) The Consumer Data Privacy Commission is hereby established.
(b) The commission shall provide guidance to the Legislature regarding appropriate metrics and methodology for determining the monetary value of consumer data.
(c) The commission shall be comprised of members of academia, civil society, and industry.
(d) The commission shall report its findings to the Legislature by January 1, 2021.
(e) (1) The requirement to submit a report imposed under subdivision (d) is inoperative on January 1, 2025, pursuant to Section 10231.5 of the Government Code.
(2) A report to be submitted pursuant to subdivision (d) shall be submitted in compliance with Section 9795 of the Government Code.