Schedule a Consultation: 858.483.9200

Can “Data Dividends” Make the Consumer Privacy Act Workable for San Diego Businesses

Governor Gavin Newsom recently proposed what he called a “data dividend” that all California consumers should be paid when their personal data is collected. The Governor believes that consumers should “share in the wealth that is created from their data.” See CNN report here. The Governor did not provide any details but maybe he was thinking about a business model along the lines of YouTube which monetizes some of the videos that are uploaded by consumers. Payments vary depending on subscribers, views, and comments and whether advertisers are willing to post short advertisements during video playback.

In any event, in considering the idea, it is possible that the “data dividend” concept could be a potential option for dealing with the complexity of the California Consumer Privacy Act. See Cal. Civ. Code, § 1798.100 et seq. The Act will go into effect next year and requires various layers of consent and disclosures when a company collects, stores, and uses personal data collected from consumers.

One of biggest potential hurdles in tracking consents and “data dividends” might be an administratively workable method of tracking consents. The California Consumer Privacy Act specifically allows and seemingly encourages payments to consumer for data collection. Section 1798.125(b)(1) of the Act provides:

“A business may offer financial incentives, including payments to consumers as compensation, for the collection of personal information, the sale of personal information, or the deletion of personal information. A business may also offer a different price, rate, level, or quality of goods or services to the consumer if that price or difference is directly related to the value provided to the consumer by the consumer’s data.”

Subsection (b) also mandates that various disclosures must be provided to the consumer, that consumers be notified of the price being paid for use of their data, that opt-in consents must be signed, that consent can be revoked, and more.

As noted, this pay-to-play provision might be a possible solution to a complex administrative problem of tracking consents. Let us say you offer a service that collects various personal data. If you offer an additional tier of pricing — say a $3 a month discount — this might be an easy method of collecting the necessary consents and tracking any revoked consents. The price being paid is an easy method of keeping track of which customers have consented, which have not, and which have revoked consent. Many services, such as cellular phone service contracts, already use a similar method for encouraging consumers to make payments via automatic withdrawals or automatic credit card debits. So the programing and online forms are already extant and, in theory, could easily be modified to cover data collection.

Now, obviously, this may not have been what Governor Newsom had in mind with his idea of “data dividends.” Indeed, the consumer is not really being paid for the value of his or her data. Rather, this is more about contract management, administrative tracking, and providing various shields in the event of litigation.

As we have discussed on this blog, actions and behavior can be seen as evidence of consent to contractual terms. Likewise, taking the benefit of a contract can be a basis for saying the consumer consented. In this manner, arguing to a judge that the customer took advantage of the discount is powerful evidence that the consumer consented to the collection of his or her data even if, for example, the actual consent form is lost, destroyed or if a judge holds that your San Diego business’ online box-to-click-for-consent was not conspicuous enough.

Contracts and online Terms of Service agreement must be updated before the Act becomes effective. In addition to the consents, proper and effective and conspicuous disclosures will be required to tell your consumers what data is being collected, how it is used and stored, how long it is stored and how and when it is destroyed. You will need to retain an experienced San Diego corporate attorney to help ensure that your business will be compliant when the time comes.

Call San Diego Corporate Law Today

For more information, call corporate attorney Michael Leonard, Esq., of San Diego Corporate Law. Mr. Leonard’s law practice is focused on business, transactional, and corporate matters and he proudly provides legal services to business owners in San Diego and the surrounding communities. Call Mr. Leonard at (858) 483-9200 or contact him via email. Like us on Facebook.

You Might Also Like:

Prepare to Protect Biometric Data

CCPA Will Apply to Employees and Job Candidates

Update: 2018 California Consumer Privacy Act is Amended

What the California Consumer Privacy Act of 2018 Means for San Diego Businesses

Data Breaches and Data Protection for San Diego Businesses

Need a Corporate Attorney?

SCHEDULE A CONSULTATION

Schedule a Consultation: 858.483.9200