California’s New Data Privacy Law Has Muddled Expectations of Companies

Natasha Singer, New York Times:

Millions of people in California are now seeing notices on many of the apps and websites they use. “Do Not Sell My Personal Information,” the notices may say, or just “Do Not Sell My Info.”

But what those messages mean depends on which company you ask.

Stopping the sale of personal data is just one of the new rights that people in California may exercise under a state privacy law that takes effect on Wednesday. Yet many of the new requirements are so novel that some companies disagree about how to comply with them.

I’m not sure they’re “novel” as much as they are poorly defined. A couple of weeks ago, a piece in the Wall Street Journal explained how Facebook would be taking advantage of the confusion — at least until the actual expectations of these new regulations are hashed out in court in the coming years.

Laws like the CCPA, and GDPR in Europe, are necessary steps forward, even though they are incomplete and imperfect. But that’s part of the process; and, as new test cases come forward to challenge their measures, they will become better-defined. They should be paired with better antitrust enforcement, too, so that those companies which have huge market advantages cannot unfairly coerce consumers.