Thursday, April 14, 2011

California Reader Privacy Act (and data breach bill) Clears Legislative Hurdle

For a more detailed post on a recently proposed bill in California that would protect digital reader privacy you can go here. I will rehash some of it now for those that haven't been here before...but most important for you to know is the legislation just passed its first major hurdle, as it won approval by the Senate Judiciary Committee by a vote of 4 to 0, with one Republican abstaining. In addition, SB 24 (Simitian), a critical data breach protection bill passed the State Senate. Click here more information about that bill. 

So why do we need to update our laws to protect the privacy of digital readers? Easy...there are NO protections as of yet, so the logic is simple...digital readers should have the same protections as someone that checks out a book from the library (a privacy right still protected, though under a withering Patriot Act assault).

As I wrote last post, as Californians increasingly turn to electronic books and online book services, it is essential to safeguard the reader’s browsing, buying, and viewing information as such details reveal private information about political and religious beliefs, health concerns, and personal lives.


Digital books are now outselling paperbacks on Amazon.com, readers are turning to online services like Google Books, and analysts expect that over 18-million e-readers will be sold in 2012. As companies collect more detailed reader information -- including books browsed, how long a page is viewed, and even the notes written in the margins -- reading records are becoming a larger target for government surveillance.

In other words, without strong privacy protections, all of our browsing and reading history could be collected, analyzed, and turned over to the government or third parties without our knowledge or consent. In light of what has transpired in this country since the Patriot Act, none of this should sound like undue paranoia - its based on a now long history of corporate and governmental abuses of citizen privacy.

We're not talking about just another library mind you - librarians utilize a different standards for dealing with user information than does the online world. Many libraries routinely delete borrower information, and organizations such as the American Library Association have fought hard to preserve the privacy of their patrons in the face of laws such as the U.S. Patriot Act.

The concerns of privacy advocates are not hypothetical. Our country has a long history of government efforts to compel libraries and booksellers to turn over customer records and information. Why would anyone believe, particularly after the warrantless wiretapping scandal, that the government won't ask a company like Google to turn over the treasure trove of private personal information it has on millions of Americans?

The SB 602 Solution

The Reader Privacy Act would ensure that government and third parties cannot access private reading records without proper justification. The bill permits disclosure of personal information related to reading records when an individual consents to the disclosure and where there are exigent circumstances.

In addition, personal information must be shared when a government entity or private party obtains a warrant or court order upon a showing of a compelling interest, and the warrant or order is the least intrusive means to obtain the information desired.

Notice and opportunity to contest the order must be given to the book seller or provider.  In civil cases, the reader would have the notice and opportunity to contest; while in criminal cases, the reader would not be given advance notice. This allows readers the reasonable ability to protect themselves.
The bill would also establish clear rules for businesses and standards for government and third party access to reader records. Under SB 602, consumers will be able to feel comfortable using new digital book services and technology without worrying that their personal information will be unprotected. California should promote the use of new technology by ensuring that upgraded technology does not mean downgraded privacy.

Let me quote the Electronic Frontier Foundation's (a leading advocate for this legislation) Rebecca Jeschke , who wrote, ...the books we choose to read reveal private information about our political and religious beliefs or interests, our health concerns, our financial situation, and our personal and professional lives. Maintaining reader privacy is fundamental to the dignity of Californians, and this principle is well ensconced in state law. However, with the market for digital books exploding, the law needs an update for the 21st Century.

Digital book services, libraries, and bookstores collect far more information than physical bookstores and libraries do. The data can include books browsed, how long a page is viewed, and even the electronic notes written in the margins. It's not hard to see the detailed portrait this could paint of your life. Without legislative protection, that information is a tempting target for the government or other litigants, like those involved in divorce cases, custody battles, or insurance disputes
...Californians should let their state lawmakers know that this bill is key to updating privacy law for the digital age and ask them to support SB 602....

The bill now moves to the State Senate appropriations committee. I'll keep you updated here.

No comments: