One month after the California Senate passed privacy bill S.B. 590 on the last day of its legislative session, Gov. Gray Davis vetoed the bill late Oct. 12 during a frenzy of legislative action on his way out of office.
Though it was just one of 200 bills vetoed or approved by the embattled governor prior to the Monday deadline, it was the only bill of four relating to data collection to get vetoed this session.
As passed Sept. 12, the bill would have prohibited marketers from requiring customers to provide personal information irrelevant to the completion of a transaction. It also would have required that businesses sharing customer data with third parties give consumers notice and the choice to opt out.
S.B. 590 was introduced in February by state Sen. Jackie Speier and passed the Senate on May 12. Before an amendment was added in the Assembly, the bill prohibited all sharing of consumer data except for the completion of transactions. The California Senate passed the amended bill 25-12 and sent it to Davis.
Though it is unclear why Davis vetoed the bill, his veto statement said in part, “While I respect Senator Speier's courage and her ever-present leadership on this and a wide range of important legislative matters, regretfully I must return this measure to the Legislature for further consideration in the next legislative session in order to resolve a number of outstanding issues.” The statement did not spell out what the issues were.
Speier spokesman Robert Herrell said, “No final decisions have been made but it's certainly possible that the bill will be introduced by the senator early next year.”
The senator has no problem with marketers collecting data voluntarily from consumers, he said, but consumers must be able to opt out of any data collection that is unnecessary to complete a transaction at the time of purchase.
“From a common sense perspective there is no reason that consumers should be forced or coerced to give out information that they don't need to,” Herrell added.
Davis did sign into law on Oct. 12 A.B. 68, a bill written by Assemblyman Joe Simitian that requires Web sites or online services that collect personal information to post privacy policies.
Among other data-related bills that Davis signed into law recently was another from Speier. S.B. 1 mandates opt-in consent for the sharing of financial data and is set to take effect July 1, 2004. It was passed Aug. 19 after amendments were made and several financial institutions backed down in their opposition to avoid a stricter March ballot initiative.
Though Davis signed S.B. 1 in August, enactment of the law depends on whether the U.S. Senate renews the state pre-emption provision of the Fair Credit Reporting Act, which is set to expire Jan. 1. Permanent state pre-emption already passed 392-30 in the House of Representatives on Sept. 10.
On Sept. 24, Davis signed S.B. 27, dubbed “Shine the Light.” The bill was authored by state Sen. Liz Figueroa. As introduced, the bill would have required companies to keep records of all customer data that is shared with third parties offline or online for direct marketing purposes. It also would have required companies to provide a consumer with all the data that was shared and the names of the third-party data users within 30 days of a request by the consumer. It would affect any company doing business in California.