In a surprising twist, the growing popularity of states legalizing marijuana could be another impetus for strong federal privacy regulations. The movement to protect consumer rights is occurring as many marketing industry executives are carefully scrutinizing the impact of the European Union’s General Data Protection Regulation (GDPR).
At least some industry executives appear to support a federal privacy standard. This past fall, executives from Google and Apple spoke in favor of regulations that will help consumers feel confident that their privacy will be protected when using technology.
Apple CEO Tim Cook maintains that such regulation is essential to ensure that technology reaches its full potential, reports Fortune.
On one hand, the comments from Cook are not surprising. Last summer, Apple announced that the latest version of its Safari web browser includes technology to prevent Facebook and other data companies from tracking users’ internet activities, according to Wired.
Yet, other factors, such as fears about a complex network of potential state regulations, are driving some industry executives to support federal legislation that protects privacy. In a Fortune in October, Danny Allan, Veeam Vice President of Product Strategy, criticized California passing a data privacy law in June.
The commentary maintains that California, which is the first state to take such action, will give consumers the right to see what data is being sold when the law goes into effect in 2020. Consumers will also be able to tell organizations to stop selling the data.
In some regards, the law is similar to the General Data Protection Regulation that was passed by the European Union in 2016. The commentary argues that the vague wording of the California law and the potential for other states to pass their own regulations is “the stuff CIO nightmares are made of.”
Rather than having individual states pass distinct regulations, it would make sense to create a federal regulation modeled off of the GDPR because U.S. tech firms already have systems in place to deal with the European law. Federal regulations could preempt state laws.
Support for a federal privacy law may also be driven by growing demand among the general public for consumer rights legislation. In a recent study by the Progressive Policy Institute, 60% of survey respondents said they have concerns about privacy and data protection, reports Project DisCo, a publication from the Disruptive Competition Project.
The legalization of marijuana, especially for recreational purposes, is also increasing concerns about data privacy. Massachusetts recently legalized sales of recreational marijuana and requires pot purchasers to have government issued identification cards. The cards are scanned with technology that is similar to technology used at nightclubs to block underage individuals.
R. David Edelman, a cybersecurity researcher at MIT, maintains, however, that data from identification cards can be kept by pot dispensers, which creates the risk that information on individuals’ private habits could be exposed. So reports The Boston Herald.
The data could be used by federal law enforcement officials or by organizations seeking to conduct background checks on individuals, he maintains. So far, representatives of the state’s two dispensers maintain that they will not retain the data.
California, meanwhile, has passed regulations that apply the same privacy protections to recreational marijuana users that currently apply to medical cannabis users, according to the California Cannabis Portal.
Data, however, can be shared for processing payments and for use by government officials for official purposes. The law is primarily intended to prevent data about pot customers from being sold or traded for commercial purposes.
In Canada, meanwhile, a data breach has exposed the records of approximately 4,500 marijuana orders, reports Bloomberg Law. The Ontario Cannabis Store announced the data breach in early November.