Prop 24
Since we passed the California Consumer Privacy Act (CCPA), two things have happened: First, some of the world’s largest companies have actively and explicitly prioritized weakening the law. Second, technological tools have evolved in ways that exploit a consumer’s data with potentially dangerous consequences. We believe using a consumer’s data in these ways is not only immoral, but it also threatens our democracy. So we introduced the California Privacy Rights Act (CPRA), that was enacted into law with the passage of Proposition 24.
Proposition 24 — the California Privacy Rights Act of 2020 — gives consumers the power to take back control over our information from thousands of giant corporations. Here are some of the new privacy rights you get with Prop 24:
Protects Our Personal Information
Prop 24 creates new rights to stop businesses from using our sensitive personal information, including our health and financial data. Prop 24 stops companies from selling location data without our knowledge or consent.
Safeguards our Children’s Privacy
Prop 24 will triple fines for collecting and selling children’s private information. Prop 24 will require opt-in consent for the sale of personal information from consumers under 16.
Establishes a Privacy Agency
Prop 24 will establish the California Privacy Protection Agency to protect consumer rights and to give consumers control over their personal data.
| Components | Existing Law | Prop 24 |
| Right to Know What Information a Business has Collected About You |  |
|
| Right to Say No to Sale of Your Info | |
|
| Right to Delete Your Information | |
|
| Data Security: Businesses Required to Keep Your Info Safe | |
|
| Data Portability: Right to Access Your Information in Portable Format | |
|
| Special Protections for Minors | |
|
| Requires Easy “Do Not Sell My Info” Button for Consumers | |
|
| Provides Ability to Browser with No Pop-Ups or Sale of Your Information |  |
|
| Penalties if Email Plus Password Stolen Due to Negligence | |
|
| Right to Restrict Use of Sensitive Personal Information | |
|
| Right to Correct Your Data | |
|
| Storage Limitation: Right to Prevent Companies from Storing Info Longer than Necessary | |
|
| Data Minimization: Right to Prevent Companies from Collecting More Info than Necessary | |
|
| Right to Opt Out of Advertisers Using Precise Geolocation (< than 1/3 mile) | |
|
| Ability to Override Privacy in Emergencies (Threat of Injury / Death to a Consumer) | |
|
| Provides Transparency Around “Profiling” and “Automated Decision Making” | |
|
| Establishes California Privacy Protection Agency to Protect Consumers | |
|
| Restrictions on Onward Transfer to Protect Your Personal Information | |
|
| Requires High Risk Data Processors to Perform Regular Cybersecurity Audits | |
|
| Requires High Risk Data Processors to Preform Regular Risk Assessments | |
|
| Appoints Chief Auditor with Power to Audit Businesses’ Data Practices | |
|
| Protects California Privacy Law from being Weakened in Legislature | |
|
The California Consumer Privacy Act of 2018, the most sweeping consumer privacy legislation in the nation, grants new data privacy rights for every Californian. CCPA gives you the power to take back control of your personal information, including:
The Right to Know
You have the right to know what personal information a business has collected on you – and you should.
The Right to Say No
You have the right to say no to the sale of your personal information – and you should.
Hold Big Corporations Accountable
You have the right to hold businesses responsible for safeguarding your personal information – and you should.