If you are a resident of California, the state now has a portal where you can demand deletion of your personal data from 500+ registered data brokers with a single request form, for free.
https://hachyderm.io/@evacide/115823137786391729
Note: aside from this thread, there is also further discussion in the linked Mastodon toot.
Here’s how it’s gonna go:
Government of california: “delete this”
Company: no
Gov: okay well here’s a fine for $200 million, don’t do it again
Company: that’s fine, we made $1.8 billion with the data, this is just the cost of doing business
repeats next year but with a sternly worded letter
Prove me wrong, California. Break companies out of existence when they break the law. Don’t just slap them on the wrist with a fine.
Fine them $1 million per day per person who still has data on their site if they submitted the form.
Really, these types of services need to be opt-in instead of opt-out.
They need to not exist.
I appreciate your cynicism, but I’m not personally inclined towards it. I think what it will ultimately boil down to, which you alluded to, is how the law is enforced. If they get fined as a first measure but then get taken to court for a second failure by California’s attorney general and get subsequently bankrupted, it might stand as an example to others.
Or maybe they’ll still say the potential risk is still worth it. I dunno. We’ll just have to see how this goes, but it’s still better than the current options, which are:
- Trying to navigate deleting your own data, staying on top of it, and hoping they’re actually deleting things.
- Paying a private company to do it and hope they’re not just pocketing your money.
- Doing nothing and getting butt-fucked by surveillance capitalism.
None of those are great, so I’m hopeful this is the start of something better.
Earlier in the year I read an article claiming that something like 40% of the data brokers doing business here (ie collecting data on California citizens) don’t comply with elements of existing law, such as registering with the CA secretary of state. So the author wasn’t bullish on the idea that they’d suddenly start just because there’s a new law. They are sayign the AG will aggressively pursue violators, but we’ll see.
If nothing else, we’ll have one more data store to get hacked.
FYI the terms say brokers don’t have to comply until August 2026, so it may take a while to see a difference
I believe it’s 90 days after August 2026.
Good job California! You’re making some positive moves!
“What about the other 1000+?”
“Well, it’s a start.”
Most of the “500+” will simply ignore their legal requirements and eat the fine.
But some won’t.
So it’s better than continuing to do nothing, it’s at least vocally (legally) saying they aren’t cool with it.
deleted by creator
Atta’boy…
