Election News

Making their voices heard at the polls, Californians voted on a number of candidates and measures that may affect their privacy rights.

California voters elected Democratic State Senator Debra Bowen, who prevailed in a tight race for Secretary of State over Republican incumbent Bruce McPherson.  Bowen has authored significant privacy legislation in California, including security freeze legislation, and campaigned on a platform focused on privacy rights, including security and reliability questions surrounding the use of electronic voting machines.

Californians have rejected Proposition 85, with 54% of voters voting no on the measure, which would have prohibited abortion for a minor until 48 hours after a physician notifies her parent or legal guardian, except in cases of medical emergency or a parental waiver.  Proposition 85 was similar to last year’s Proposition 73, which lost by a six percent margin.  Opponents of the measure argued it would endanger at-risk minors and threaten privacy rights.  In 1997, the California Supreme Court struck down as violative of the right of privacy guaranteed by article I, section 1, of the California Constitution, a law requiring minors to obtain parental consent or court approval prior to an abortion.  American Academy of Pediatrics v. Lungren, S041459.

On Monday, the Court of Appeal, Second Appellate District upheld the validity of California’s “security freeze” law, section 1785.11.2 of the California Civil Code, but nonetheless enjoined under the First Amendment its application to the U.D. Registry (“U.D.”), a provider of credit reports drawn in material part from public records.  U.D. Registry, Inc. v. State of California, B179653 & B186012 (October 30, 2006).

California’s Security Freeze Law

Section 1785.11.2, authored by Senator Debra Bowen, was enacted to enhance protection of consumers from identity theft by allowing them to place fraud alerts on their credit reports and to prevent or control the release of those reports, and by prohibiting specified government and business uses of social security numbers.

The security freeze law provides, among other things, that “[a] consumer may elect to place a security freeze on his or her credit report by making a request in writing by certified mail to a consumer credit reporting agency.”  If such a security freeze is in place, “information from a consumer’s credit report may not be released to a third party without prior express authorization from the consumer.”  A consumer credit reporting agency has five business days to place a freeze on a credit report after receiving a written request.

Section 1785.11.2 was intended in part to shift some of the identity theft burden from consumers to credit reporting agencies.  Also of concern to California lawmakers, as noted by the U.D. Registry court, was “a consumer’s right to control the use of his or her personal and financial information.”

Welcome to the LACBA California Privacy Law blog. This blog will provide a forum for summary and discussion of recent developments in California privacy law. California was the first state in the nation to require operators of commercial websites or online services to post privacy policies, and was the first state to pass legislation requiring notification to customers for security breaches of personal information. California continues to pioneer new legislation and policy to address growing concerns regarding individual privacy rights in the information age. The last few weeks have seen the usual flurry of activity on the privacy front in California.[1]
 

Recent California Privacy Law Developments

In the wake of the Hewlett-Packard pretexting revelations, Attorney General Bill Lockyer filed criminal fraud and conspiracy charges in Santa Clara County against former HP chairman Patricia Dunn and four others.  Also, Governor Schwarzenegger signed a bill (S.B. 202), effective January 1, 2007, prohibiting the sale or purchase of a consumer’s phone records without the consumer’s written consent and the practice of obtaining such records by fraud or deceit.

In the same time period, the California Supreme Court refused to reconsider or modify its ruling in Kearney v. Salomon Smith Barney, Inc., 39 Cal.4th 95 (2006), which held that out-of-state companies are subject to California law requiring two-party consent for the recording of telephone conversations made to or received from California.  For more on Kearney, click here.