SlideShare a Scribd company logo

California Privacy Law: Resources & Protections

I
ipspat

By Joanne Mcnabb

Technology
1 of 23
Download to read offline
CA Privacy Law: Resources & Protections Joanne McNabb, Chief Office of Privacy Protection California Department of Consumer Affairs Intellectual Property Society Seminar, January 20, 2004 1
Constitutional Right All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and protecting property, and pursuing and obtaining safety, happiness, and privacy. Article 1, Section 1, Constitution of the State of California 2
Office of Privacy Protection CA is only state with such an agency Created by law passed in 2000 Purpose: “protecting the privacy of individuals’ personal information in a manner consistent with the California Constitution by identifying consumer problems in the privacy area and facilitating development of fair information practices” 3
Office of Privacy Protection Office functions Consumer assistance Education and information Coordination with law enforcement Best practice recommendations 4
Concerns of Contacts to OPP 40% 38% 30% 20% 17% 15% 9% 8% 10% 6% 2% 3% 3% 0% s s s g l d l l rn im tice etin cia i te i ca era PP nc e V ict a c rk an o l ic ed en O n t Co eft Pr em a Fi ns M G ef Th ies & Tel rU T h ID i c th e ID Pol O 11/01-12/03 5
Education and Information Consumer Information Sheets ID theft prevention, victim checklist, “criminal” ID theft Protecting SSNs, reading privacy policies, controlling unwanted communications Health info privacy Workshops and presentations 86 for consumers, 64 for business (11/01-12/03) 6
Work with Law Enforcement Advisory Committee to High Tech Crimes/Identity Theft Task Force 5 regional task forces of local, state and federal law enforcement Provide information on new laws via web site Make case referrals 7
“Best Practice” Recommendations Recommendations of “best practices,” beyond legal requirements By phone in response to requests Written sets developed with advisory groups SSN Confidentiality Notification of Security Breach 8
CA Privacy Laws Enacted 1999-2003 18 16 16 15 14 12 10 9 8 7 6 5 4 2 0 1999 2000 2001 2002 2003 9
Fair Information Practice Principles (FIPS) Transparency Collection Limitation Purpose Specification Use Limitation Data Quality Individual Participation Security Accountability 10
CA Privacy Laws & FIPs Limits on collection of personal info Limits on use of personal info Requirements of notice of privacy rights Limits on unwanted commercial communications Requirements for data security Requirements for individual access to personal info Rights & remedies for identity theft victims 11
Limits on Collection of Personal Information Ban on recording any personal info when accepting payment by credit card Ban on recording DL # when accepting payment by check Ban on collecting DL# and SSN for supermarket club cards Ban on wiretapping, CATV/satellite TV monitoring Ban on state agency collecting personal info not authorized by law or regulation (IPA) 12
Limits on Use of Personal Information 1 Info “swiped” from drivers licenses (except for age verification, etc.) Onward sharing of “marketing info” of credit card holders subject to opt-out right Public display of Social Security numbers Onward sharing of personal info collected for supermarket club cards 13
Limits on Use of Personal Information 2 Printing of >5 digits of credit card numbers on electronic customer receipts Onward sharing of residential telephone customer calling patterns, financial info, etc. Use by state agency other than as authorized by law (IPA, but cf. Public Records Act) 14
Limits on Use of Personal Information 3 Onward sharing of medical info, other than for TPO, subject to prior consent Use of medical info for marketing purposes, as defined Limited access to birth/death certificates, no SSNs or MMNs on publicly available birth/death record indices 15
Limits on Use of Personal Information 4 Sharing of consumer credit & background info, except for specified purposes, by CRAs, Investigative RAs (but cf. FCRA/FACTA) Sharing of personal financial info w/ 3rd parties by financial institutions (SB 1, eff. 7/1/04) Use of auto “black box” data for other than vehicle safety, etc. (AB 213, eff. 7/1/04) 16
Notice Requirements 1 Notice of security breach involving specified personal info Notice to vets from county recorder re DD214s as public records Notice on collection of personal info by state agencies (IPA) Privacy policy notice in state offices and on agency web sites 17
Notice Requirements 2 Notice of privacy policies/practices on commercial web sites collecting personal info on CA residents (AB 68, eff. 7/04) Upon request, notice to customer of info sharing details or opt-out opportunity (SB 27, eff. 1/05) Notice of presence of auto “black box” in owner’s manual or subscription contract (AB 213, eff. 7/04) 18
Data Security Destruction of customer records by businesses by shredding, etc. Activation process required on substitute credit cards mailed to consumers Credit/debit card “skimmers” outlawed State agencies must use security safeguards to protect personal info (IPA) 19
Individual Access to Information Access to and right to correct personal info in records of state agencies (IPA) Access to and right to dispute personal info in medical records (PAHRA, cf. federal HIPAA) 20
Limits on Commercial Communications Do-Not-Call Registry (state/federal laws) Ban on unsolicited commercial text messages sent to cell phones/pagers Ban on spam sent in violation of ISP’s policy Ban on spam sent w/out prior consent of recipient (but cf. federal CAN SPAM Act) 21
Identity Theft Rights & Remedies Definition of crime, including possession of documents with intent to defraud Requirement of local police to take report Expedited judicial process for victims Database for victims of “criminal” ID theft Victim rights in debt collection and against claimants Victim access to documents on fraudulent accounts (but cf. FCRA/FACTA) 22
Joanne McNabb, Chief Office of Privacy Protection California Department of Consumer Affairs 400 R Street, Suite 3080 Sacramento, CA 95814 916-322-4420 www.privacy.ca.gov 866-785-9663 23

Recommended

Law firm data privacy by dave cunningham
Law firm data privacy by dave cunninghamLaw firm data privacy by dave cunningham
Law firm data privacy by dave cunninghamDavid Cunningham
 
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...David Cunningham
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsBrian Honan
 
Principles of mobile privacy
Principles of mobile privacyPrinciples of mobile privacy
Principles of mobile privacyEuphodia Maluleke
 
Phish phry operation
Phish phry operationPhish phry operation
Phish phry operationMohamed Zahran
 
The E-Commerce Act - Republic Act 8792
The E-Commerce Act - Republic Act 8792The E-Commerce Act - Republic Act 8792
The E-Commerce Act - Republic Act 8792Janette Toral
 
Identity Theft
Identity TheftIdentity Theft
Identity TheftFairfax County
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 

Recommended

Law firm data privacy by dave cunningham
Law firm data privacy by dave cunninghamLaw firm data privacy by dave cunningham
Law firm data privacy by dave cunninghamDavid Cunningham
 
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...
Lex mundi 2011 confidentiality and knowledge collaboration presentation - f...David Cunningham
 
The Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsThe Case for Mandatory Data Breach Disclosure Laws
The Case for Mandatory Data Breach Disclosure LawsBrian Honan
 
Principles of mobile privacy
Principles of mobile privacyPrinciples of mobile privacy
Principles of mobile privacyEuphodia Maluleke
 
Phish phry operation
Phish phry operationPhish phry operation
Phish phry operationMohamed Zahran
 
The E-Commerce Act - Republic Act 8792
The E-Commerce Act - Republic Act 8792The E-Commerce Act - Republic Act 8792
The E-Commerce Act - Republic Act 8792Janette Toral
 
Identity Theft
Identity TheftIdentity Theft
Identity TheftFairfax County
 
IDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfIDT Red Flags White Paper By Wrf
IDT Red Flags White Paper By WrfBucacci Business Solutions
 
Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primerHector Dominguez
 
Us20100286993
Us20100286993Us20100286993
Us20100286993Norman Gates
 
Privacy - USC 2005
Privacy - USC 2005Privacy - USC 2005
Privacy - USC 2005Internet Law Center
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Fonreg presentation - official
Fonreg presentation - officialFonreg presentation - official
Fonreg presentation - officialAyodele Thomas
 
The e commerce law
The e commerce lawThe e commerce law
The e commerce lawDonna Christy Alaba
 
ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)franciscronje
 
Smartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellasSmartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellasGeoBellas
 
What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?Bivas Chatterjee
 
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...Ryan Thurman
 
Cybercriminality
CybercriminalityCybercriminality
CybercriminalityChantal Abam
 
Internet As An Illegal Market Place
Internet As An Illegal Market PlaceInternet As An Illegal Market Place
Internet As An Illegal Market PlaceWojciech Filipkowski
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
The long arm of the gdpr
The long arm of the gdprThe long arm of the gdpr
The long arm of the gdprMathew Chacko
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperMatthew Kurnava
 
Understanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange AgreementsUnderstanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange AgreementsDoubleHorn
 
Cyber Claims Insight
Cyber Claims InsightCyber Claims Insight
Cyber Claims InsightGraeme Cross
 
Obama administration defends massive phone record collection
Obama administration defends massive phone record collectionObama administration defends massive phone record collection
Obama administration defends massive phone record collectiontrupassion
 
1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)wright1908
 
CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Gary Kazmer
 

More Related Content

What's hot

Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primerHector Dominguez
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoJoel A. Gómez Treviño
 
Fonreg presentation - official
Fonreg presentation - officialFonreg presentation - official
Fonreg presentation - officialAyodele Thomas
 
ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)franciscronje
 
Smartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellasSmartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellasGeoBellas
 
What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?Bivas Chatterjee
 
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...Ryan Thurman
 
Internet As An Illegal Market Place
Internet As An Illegal Market PlaceInternet As An Illegal Market Place
Internet As An Illegal Market PlaceWojciech Filipkowski
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report- Mark - Fullbright
 
The long arm of the gdpr
The long arm of the gdprThe long arm of the gdpr
The long arm of the gdprMathew Chacko
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperMatthew Kurnava
 
Understanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange AgreementsUnderstanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange AgreementsDoubleHorn
 
Cyber Claims Insight
Cyber Claims InsightCyber Claims Insight
Cyber Claims InsightGraeme Cross
 
Obama administration defends massive phone record collection
Obama administration defends massive phone record collectionObama administration defends massive phone record collection
Obama administration defends massive phone record collectiontrupassion
 
1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)wright1908
 

What's hot (19)

Surveillance technologies a primer
Surveillance technologies a primerSurveillance technologies a primer
Surveillance technologies a primer
 
Us20100286993
Us20100286993Us20100286993
Us20100286993
 
Privacy - USC 2005
Privacy - USC 2005Privacy - USC 2005
Privacy - USC 2005
 
Challenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in MexicoChallenges to Achieve Privacy for Online Consumers in Mexico
Challenges to Achieve Privacy for Online Consumers in Mexico
 
Fonreg presentation - official
Fonreg presentation - officialFonreg presentation - official
Fonreg presentation - official
 
The e commerce law
The e commerce lawThe e commerce law
The e commerce law
 
ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)ICT / IT Law (Cyberlaw)
ICT / IT Law (Cyberlaw)
 
Smartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellasSmartphones are smarter than you thought geo bellas
Smartphones are smarter than you thought geo bellas
 
What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?What happens to our virtual account or digital asset or data after our death ?
What happens to our virtual account or digital asset or data after our death ?
 
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
Mobile Communications Marketing: Effective Compliance Strategies to Avoid Pen...
 
Cybercriminality
CybercriminalityCybercriminality
Cybercriminality
 
Internet As An Illegal Market Place
Internet As An Illegal Market PlaceInternet As An Illegal Market Place
Internet As An Illegal Market Place
 
2018 Privacy & Data Security Report
2018 Privacy & Data Security Report2018 Privacy & Data Security Report
2018 Privacy & Data Security Report
 
The long arm of the gdpr
The long arm of the gdprThe long arm of the gdpr
The long arm of the gdpr
 
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+PaperKurnava_Law+Ethics+and+Cybersecurity_Research+Paper
Kurnava_Law+Ethics+and+Cybersecurity_Research+Paper
 
Understanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange AgreementsUnderstanding CJIS Compliance – Information Exchange Agreements
Understanding CJIS Compliance – Information Exchange Agreements
 
Cyber Claims Insight
Cyber Claims InsightCyber Claims Insight
Cyber Claims Insight
 
Obama administration defends massive phone record collection
Obama administration defends massive phone record collectionObama administration defends massive phone record collection
Obama administration defends massive phone record collection
 
1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)1.03 ethics and_security_review_ppt (1)
1.03 ethics and_security_review_ppt (1)
 

Similar to California Privacy Law: Resources & Protections

CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentDonald E. Hester
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfJakeAldrinDegala1
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Gary Kazmer
 
PBPATL - Privacy Seminar 2011
PBPATL - Privacy Seminar 2011PBPATL - Privacy Seminar 2011
PBPATL - Privacy Seminar 2011Kimberly Verska
 
Revision Data Protection Act ( Eduardo And Salvador)
Revision Data Protection Act ( Eduardo And Salvador)Revision Data Protection Act ( Eduardo And Salvador)
Revision Data Protection Act ( Eduardo And Salvador)itgsabc
 
Privacy, human rights and Location Based Services
Privacy, human rights and Location Based ServicesPrivacy, human rights and Location Based Services
Privacy, human rights and Location Based Servicesblogzilla
 
Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)itgsabc
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesGiannisBasa
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness WorkshopPaul Jacobson
 
Developing a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeDeveloping a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeMarcelo Gomes Freire
 
C Zick Foley Hoag FEI presentation 111315
C Zick Foley Hoag FEI presentation 111315C Zick Foley Hoag FEI presentation 111315
C Zick Foley Hoag FEI presentation 111315Colin Zick
 
Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Druva
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in ITAnushka Perera
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarDon Grauel
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the PhilippinesShirley Ingles-Cruz
 
PREVENTING ID THEFT GUIDE FOR CONSUMERS
PREVENTING ID THEFT GUIDE FOR CONSUMERSPREVENTING ID THEFT GUIDE FOR CONSUMERS
PREVENTING ID THEFT GUIDE FOR CONSUMERSGreg Ewers
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceFinancial Poise
 
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERSPREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS- Mark - Fullbright
 
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docx
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docxUnit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docx
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docxouldparis
 

Similar to California Privacy Law: Resources & Protections (20)

CSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local GovernmentCSMFO 2012 Data Privacy in Local Government
CSMFO 2012 Data Privacy in Local Government
 
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdfAll_you_need_to Know_About_the_Data_Privacy_Act.pdf
All_you_need_to Know_About_the_Data_Privacy_Act.pdf
 
Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3Privacy Presentation for SOCAP-3
Privacy Presentation for SOCAP-3
 
PBPATL - Privacy Seminar 2011
PBPATL - Privacy Seminar 2011PBPATL - Privacy Seminar 2011
PBPATL - Privacy Seminar 2011
 
Revision Data Protection Act ( Eduardo And Salvador)
Revision Data Protection Act ( Eduardo And Salvador)Revision Data Protection Act ( Eduardo And Salvador)
Revision Data Protection Act ( Eduardo And Salvador)
 
Privacy, human rights and Location Based Services
Privacy, human rights and Location Based ServicesPrivacy, human rights and Location Based Services
Privacy, human rights and Location Based Services
 
Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)Revision Data Protection Act (Eduardo And Salvador)
Revision Data Protection Act (Eduardo And Salvador)
 
Biometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization IssuesBiometric Personal Data, Legal and Technological Utilization Issues
Biometric Personal Data, Legal and Technological Utilization Issues
 
2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop2014-04-16 Protection of Personal Information Act Readiness Workshop
2014-04-16 Protection of Personal Information Act Readiness Workshop
 
Btk fatih akpinar
Btk fatih akpinarBtk fatih akpinar
Btk fatih akpinar
 
Developing a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat CybercrimeDeveloping a Legal Framework to Combat Cybercrime
Developing a Legal Framework to Combat Cybercrime
 
C Zick Foley Hoag FEI presentation 111315
C Zick Foley Hoag FEI presentation 111315C Zick Foley Hoag FEI presentation 111315
C Zick Foley Hoag FEI presentation 111315
 
Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?Where In The World Is Your Sensitive Data?
Where In The World Is Your Sensitive Data?
 
Policies and Law in IT
Policies and Law in ITPolicies and Law in IT
Policies and Law in IT
 
George Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler SeminarGeorge Gavras 2010 Fowler Seminar
George Gavras 2010 Fowler Seminar
 
Data Privacy Act in the Philippines
Data Privacy Act in the PhilippinesData Privacy Act in the Philippines
Data Privacy Act in the Philippines
 
PREVENTING ID THEFT GUIDE FOR CONSUMERS
PREVENTING ID THEFT GUIDE FOR CONSUMERSPREVENTING ID THEFT GUIDE FOR CONSUMERS
PREVENTING ID THEFT GUIDE FOR CONSUMERS
 
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy ComplianceCorporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
Corporate & Regulatory Compliance Boot Camp - Data Privacy Compliance
 
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERSPREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS
PREVENTING IDENTITY THEFT: A GUIDE for CONSUMERS
 
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docx
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docxUnit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docx
Unit 8 DB Identity Theft Article A Chief’s ViewIdentity Thef.docx
 

More from ipspat

The Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent ValuationThe Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent Valuationipspat
 
Building Fences In Cyberspace: Business Method Patents and the Internet
Building Fences In Cyberspace: Business Method Patents and the InternetBuilding Fences In Cyberspace: Business Method Patents and the Internet
Building Fences In Cyberspace: Business Method Patents and the Internetipspat
 
Outsourcing Lessons as Learned and Applied by Agilent
Outsourcing Lessons as Learned and Applied by AgilentOutsourcing Lessons as Learned and Applied by Agilent
Outsourcing Lessons as Learned and Applied by Agilentipspat
 
The Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent ValuationThe Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent Valuationipspat
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Managementipspat
 
Social Networking Software
Social Networking SoftwareSocial Networking Software
Social Networking Softwareipspat
 
Overview of Legal Structures for Outsourcing
Overview of Legal Structures for OutsourcingOverview of Legal Structures for Outsourcing
Overview of Legal Structures for Outsourcingipspat
 
Keeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security IssuesKeeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security Issuesipspat
 
Licensing & IP Valutation
Licensing & IP ValutationLicensing & IP Valutation
Licensing & IP Valutationipspat
 
Current Issues in International Cross-Border I.P. Strategies
Current Issues in International Cross-Border I.P. StrategiesCurrent Issues in International Cross-Border I.P. Strategies
Current Issues in International Cross-Border I.P. Strategiesipspat
 
Bridging the Gap: Securing IP
Bridging the Gap: Securing IPBridging the Gap: Securing IP
Bridging the Gap: Securing IPipspat
 
Intellectual Property Rights in Nanotechnology
Intellectual Property Rights in NanotechnologyIntellectual Property Rights in Nanotechnology
Intellectual Property Rights in Nanotechnologyipspat
 
Developing a National Software Strategy: Some IP Considerations
Developing a National Software Strategy: Some IP ConsiderationsDeveloping a National Software Strategy: Some IP Considerations
Developing a National Software Strategy: Some IP Considerationsipspat
 
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...Changing Relationship Between Venture Capital And Angels - Impact On Funding ...
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...ipspat
 

More from ipspat (14)

The Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent ValuationThe Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent Valuation
 
Building Fences In Cyberspace: Business Method Patents and the Internet
Building Fences In Cyberspace: Business Method Patents and the InternetBuilding Fences In Cyberspace: Business Method Patents and the Internet
Building Fences In Cyberspace: Business Method Patents and the Internet
 
Outsourcing Lessons as Learned and Applied by Agilent
Outsourcing Lessons as Learned and Applied by AgilentOutsourcing Lessons as Learned and Applied by Agilent
Outsourcing Lessons as Learned and Applied by Agilent
 
The Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent ValuationThe Role of Claims Construction in Patent Valuation
The Role of Claims Construction in Patent Valuation
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
 
Social Networking Software
Social Networking SoftwareSocial Networking Software
Social Networking Software
 
Overview of Legal Structures for Outsourcing
Overview of Legal Structures for OutsourcingOverview of Legal Structures for Outsourcing
Overview of Legal Structures for Outsourcing
 
Keeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security IssuesKeeping Information Safe: Privacy and Security Issues
Keeping Information Safe: Privacy and Security Issues
 
Licensing & IP Valutation
Licensing & IP ValutationLicensing & IP Valutation
Licensing & IP Valutation
 
Current Issues in International Cross-Border I.P. Strategies
Current Issues in International Cross-Border I.P. StrategiesCurrent Issues in International Cross-Border I.P. Strategies
Current Issues in International Cross-Border I.P. Strategies
 
Bridging the Gap: Securing IP
Bridging the Gap: Securing IPBridging the Gap: Securing IP
Bridging the Gap: Securing IP
 
Intellectual Property Rights in Nanotechnology
Intellectual Property Rights in NanotechnologyIntellectual Property Rights in Nanotechnology
Intellectual Property Rights in Nanotechnology
 
Developing a National Software Strategy: Some IP Considerations
Developing a National Software Strategy: Some IP ConsiderationsDeveloping a National Software Strategy: Some IP Considerations
Developing a National Software Strategy: Some IP Considerations
 
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...Changing Relationship Between Venture Capital And Angels - Impact On Funding ...
Changing Relationship Between Venture Capital And Angels - Impact On Funding ...
 

Recently uploaded

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Recently uploaded (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

California Privacy Law: Resources & Protections

  • 1. CA Privacy Law: Resources & Protections Joanne McNabb, Chief Office of Privacy Protection California Department of Consumer Affairs Intellectual Property Society Seminar, January 20, 2004 1
  • 2. Constitutional Right All people are by nature free and independent and have inalienable rights. Among these are enjoying and defending life and liberty, acquiring, possessing, and protecting property, and pursuing and obtaining safety, happiness, and privacy. Article 1, Section 1, Constitution of the State of California 2
  • 3. Office of Privacy Protection CA is only state with such an agency Created by law passed in 2000 Purpose: “protecting the privacy of individuals’ personal information in a manner consistent with the California Constitution by identifying consumer problems in the privacy area and facilitating development of fair information practices” 3
  • 4. Office of Privacy Protection Office functions Consumer assistance Education and information Coordination with law enforcement Best practice recommendations 4
  • 5. Concerns of Contacts to OPP 40% 38% 30% 20% 17% 15% 9% 8% 10% 6% 2% 3% 3% 0% s s s g l d l l rn im tice etin cia i te i ca era PP nc e V ict a c rk an o l ic ed en O n t Co eft Pr em a Fi ns M G ef Th ies & Tel rU T h ID i c th e ID Pol O 11/01-12/03 5
  • 6. Education and Information Consumer Information Sheets ID theft prevention, victim checklist, “criminal” ID theft Protecting SSNs, reading privacy policies, controlling unwanted communications Health info privacy Workshops and presentations 86 for consumers, 64 for business (11/01-12/03) 6
  • 7. Work with Law Enforcement Advisory Committee to High Tech Crimes/Identity Theft Task Force 5 regional task forces of local, state and federal law enforcement Provide information on new laws via web site Make case referrals 7
  • 8. “Best Practice” Recommendations Recommendations of “best practices,” beyond legal requirements By phone in response to requests Written sets developed with advisory groups SSN Confidentiality Notification of Security Breach 8
  • 9. CA Privacy Laws Enacted 1999-2003 18 16 16 15 14 12 10 9 8 7 6 5 4 2 0 1999 2000 2001 2002 2003 9
  • 10. Fair Information Practice Principles (FIPS) Transparency Collection Limitation Purpose Specification Use Limitation Data Quality Individual Participation Security Accountability 10
  • 11. CA Privacy Laws & FIPs Limits on collection of personal info Limits on use of personal info Requirements of notice of privacy rights Limits on unwanted commercial communications Requirements for data security Requirements for individual access to personal info Rights & remedies for identity theft victims 11
  • 12. Limits on Collection of Personal Information Ban on recording any personal info when accepting payment by credit card Ban on recording DL # when accepting payment by check Ban on collecting DL# and SSN for supermarket club cards Ban on wiretapping, CATV/satellite TV monitoring Ban on state agency collecting personal info not authorized by law or regulation (IPA) 12
  • 13. Limits on Use of Personal Information 1 Info “swiped” from drivers licenses (except for age verification, etc.) Onward sharing of “marketing info” of credit card holders subject to opt-out right Public display of Social Security numbers Onward sharing of personal info collected for supermarket club cards 13
  • 14. Limits on Use of Personal Information 2 Printing of >5 digits of credit card numbers on electronic customer receipts Onward sharing of residential telephone customer calling patterns, financial info, etc. Use by state agency other than as authorized by law (IPA, but cf. Public Records Act) 14
  • 15. Limits on Use of Personal Information 3 Onward sharing of medical info, other than for TPO, subject to prior consent Use of medical info for marketing purposes, as defined Limited access to birth/death certificates, no SSNs or MMNs on publicly available birth/death record indices 15
  • 16. Limits on Use of Personal Information 4 Sharing of consumer credit & background info, except for specified purposes, by CRAs, Investigative RAs (but cf. FCRA/FACTA) Sharing of personal financial info w/ 3rd parties by financial institutions (SB 1, eff. 7/1/04) Use of auto “black box” data for other than vehicle safety, etc. (AB 213, eff. 7/1/04) 16
  • 17. Notice Requirements 1 Notice of security breach involving specified personal info Notice to vets from county recorder re DD214s as public records Notice on collection of personal info by state agencies (IPA) Privacy policy notice in state offices and on agency web sites 17
  • 18. Notice Requirements 2 Notice of privacy policies/practices on commercial web sites collecting personal info on CA residents (AB 68, eff. 7/04) Upon request, notice to customer of info sharing details or opt-out opportunity (SB 27, eff. 1/05) Notice of presence of auto “black box” in owner’s manual or subscription contract (AB 213, eff. 7/04) 18
  • 19. Data Security Destruction of customer records by businesses by shredding, etc. Activation process required on substitute credit cards mailed to consumers Credit/debit card “skimmers” outlawed State agencies must use security safeguards to protect personal info (IPA) 19
  • 20. Individual Access to Information Access to and right to correct personal info in records of state agencies (IPA) Access to and right to dispute personal info in medical records (PAHRA, cf. federal HIPAA) 20
  • 21. Limits on Commercial Communications Do-Not-Call Registry (state/federal laws) Ban on unsolicited commercial text messages sent to cell phones/pagers Ban on spam sent in violation of ISP’s policy Ban on spam sent w/out prior consent of recipient (but cf. federal CAN SPAM Act) 21
  • 22. Identity Theft Rights & Remedies Definition of crime, including possession of documents with intent to defraud Requirement of local police to take report Expedited judicial process for victims Database for victims of “criminal” ID theft Victim rights in debt collection and against claimants Victim access to documents on fraudulent accounts (but cf. FCRA/FACTA) 22
  • 23. Joanne McNabb, Chief Office of Privacy Protection California Department of Consumer Affairs 400 R Street, Suite 3080 Sacramento, CA 95814 916-322-4420 www.privacy.ca.gov 866-785-9663 23