Existing law, the Information Practices Act of 1977, prescribes a set of requirements, prohibitions, and remedies applicable to public agencies, as defined, with regard to their collection, storage, and disclosure of personal information.
Existing law, the California Consumer Privacy Act of 2018 (CCPA), grants a consumer various rights with respect to personal information, as defined, that is collected or sold by a business, as defined, including the right to direct a business that sells personal information about the consumer to third parties not to sell the consumer’s personal information.
This bill would prohibit data collected, received, or prepared for purposes of contact tracing from being used, maintained, or disclosed for any purpose other than facilitating contact tracing efforts. The bill would
prohibit an officer, deputy, employee, or agent of a law enforcement agency, as defined, from engaging in contact tracing. The bill would require all data collected, received, or prepared for purposes of contact tracing to be deleted within 60 days, except if that data is in the possession of a state or local health department.
Existing constitutional provisions require that a statute that limits the right of access to the meetings of public bodies or the writings of public officials and agencies be adopted with findings demonstrating the interest protected by the limitation and the need for protecting that interest.
This bill would make legislative findings to that effect.
The California Constitution requires local agencies, for the purpose of ensuring public access to the meetings of public bodies and the writings of public
officials and agencies, to comply with a statutory enactment that amends or enacts laws relating to public records or open meetings and contains findings demonstrating that the enactment furthers the constitutional requirements relating to this purpose.
This bill would make legislative findings to that effect.