Whack a mole, with whomever has the most force winning (usually a nation state).
Consider an analogy to a filesystem. If I delete a file, the bits aren't actually gone and are recoverable (at least for a while). But no-one (as far as I know) is saying we need to scrub or smash hard drives to pieces on customer request. We simply tell our storage system not to present this information to us anymore.
Similarly, in any immutable log based system (like many databases), you wouldn't delete a record by actually removing the information - instead you write a tombstone that says "this information was deleted", and then queries will not return it.
If you're using the blockchain to store information, then you simply need to teach your system that retrieves that information to recognise some kind of tombstone, and you need to honor that tombstone. It's besides the point whether anyone else continues to use the information, similarly to if you'd published it on your website then someone had copied it - even if you delete it, other people are under no obligation to also delete it.
Further, reference to Sorrell vs IMS seems very contrived to me (not a lawyer though), as it deals with B2B records (DR prescribing history) as opposed to purely consumer rights or privacy. https://en.m.wikipedia.org/wiki/Sorrell_v._IMS_Health_Inc.
Outcome was that the law was struck down as restricting data mining company’s first amendment rights.
But there sure is s coordinated push of badly written articles spreading FUD about it...
I'm open to the proposition that there's something horrible here but 1) the linked article doesn't seems to able to find any and 2) it does do a good job of selling me on the idea that this law is better than the ballot initiative we'll get if this doesn't pass.
So...what are we meant to do with this info? Call up our local legislators (if we live in CA) and tell them to pass it? (Or...not pass it? I'm honestly confused what the author wants.) There's no call to action here I can see, probably because there's nothing meaningful to do, in which case...maybe take a few more days and make a readable analysis of whatever ends up passing? Because this just feels like fearmongering.
I am a bit wary of something that pops up out of the blue, looking helpful - "never let a good crisis go to waste" and all that. And I'm generally skeptical of "making more laws". But what are the specific flaws in this one?
The indictment seems to be focused on time, meaning there could be flaws we cannot find. But given this is an adversarial process, it also means there (hopefully) hasn't been much of a chance for every entrenched interest to compromise with each other at the people's expense!
The tech giants will eventually benefit from this type of legislation, because after the initial shock it will just help them consolidate. For instance (contrary to the linked FUD), "mom and pop [retail] stores" already don't have to worry about handling customers' information, as that's encapsulated by the payment processors.
So now every little business that wants to use surveillance against their customers will be pushed to go through some centralizer (eg Google). Though from the perspective of the unwillingly surveilled, this isn't really that bad either - eg gaining the ability to actually break up with clingy and histrionic Faceboot.
The big question is if this ability to delete the files being kept about ourselves will remain unneutered, or whether the surveillance industry will eventually succeed in eroding it under some guise of indefinite consent or nebulous mingling of orthogonal purposes.
Another big test will be if the law can be successfully applied against say Experian.
It's really easy to check this, and the answer is no they're not positive on such legislation:
"Amazon, Microsoft, and Uber are paying big money to kill a California privacy initiative": https://www.theverge.com/2018/6/15/17468292/amazon-microsoft...
Only facebook left this group of tech companies opposing this after his testimony in Washington (probably wanted to avoid even more bad PR).
"Facebook exits group opposing California's proposed privacy law": https://www.cnet.com/news/facebook-drops-opposition-to-calif...
It's like how the health insurance companies were really against "Obamacare", while now it has cemented their ability to compel your patronage.
not a claim I would believe without a lot of evidence.
How does this work when someone requests that a company delete all invoices related to them?
I think the cat is already out of the bag. We saw how engaging the public works with the legislature. California net neutrality is a recent case in point.
I would argue that the being frozen thing is a good thing. In fact, I think we need to make this proposition system stronger. Once a proposal meets certification, the applicant or anyone may not withdraw it. This I think reduced chances of reckless gambling behavior.
The California initiative process, introduced around 1911 by crusading progressive governor Hiram Johnson to curb a venal legislature in hock to special interests, worked as designed in this case. Of course special interests adapted and learned to coopt the process, as the sugary-drinks industry is doing with its own initiative to arm-twist the State into preempting local soda taxes like Berkeley’s or San Francisco’s.
The privacy initiative took 2 years of preparation, not 7 days: https://www.theregister.co.uk/2018/06/29/california_data_pri...
Calling direct democracy an "unwelcome workaround to our democratic institutions" and saying it needs to be "eliminated" is a bit much. If the legislature was doing its job properly and giving the people what they want, they couldn't be motivated to support an initiative like this.
Or one of those stakeholders or a chairman beholden to those stakeholders would have pulled the same move that just happened with CAs net neutrality bill and used the process to poison-pill it.
