California Secretary of State Debra Bowen has allowed signature collection to commence for a ballot initiative, named the Personal Privacy Protection Act, that could drastically alter the California privacy regime. The initiative, led by former state Senator Steve Peace and retired attorney Michael Thorsnes, seeks to amend the California Constitution to define personally identifiable information as “any information which can be used to distinguish or trace a natural person’s identity which is linked or linkable to a specific natural person” but excludes information that is publicly available from government records. The definition of personally identifying information would also explicitly include “financial and/or health information.”
In addition to defining personally identifiable information, the initiative would create a presumption that such information is confidential and would establish a presumption of harm if shared without a consumer’s express consent, unless it was disclosed for a compelling interest and there was no reasonable alternative for accomplishing that interest.
To reach the November 2014 ballot, initiative supporters would have to gather 807,615 signatures of registered voters by February 24, 2014. If approved by California voters, it would take effect January 1, 2016.
Written by Nick Stamos, Associate, Technology and Privacy Group, and Claire Lucy Readhead, Associate, Privacy & Data Security | Alston & Bird LLP