Local governments around the country are already collecting and retaining personally identifiable information (PII), and in some cases, selling it:

• The Los Angeles Department of Transportation receives geodata from thousands of dock-less scooters available for use around the city.
• The California Department of Motor Vehicles generates $50 million in revenue for selling drivers’ personal information.

What Local Governments Can Learn from CCPA
Local governments will need to prepare for the very possible future of changing their public records management practices as constituents become more mindful about how their personal information is used or shared.

More bills may even take inspiration from CCPA, which enables California consumers to:

• Demand all information the company has collected and saved on them in the past 12 months.
• Demand the deletion of their data.
• Learn how their data is processed.
• See a list of all third parties who may have access to their information.
• Opt-out of the sale of their personal information to third parties.
• Sue organizations if the privacy guidelines are violated, even if there is no breach.

A major criticism of the CCPA is that it excludes California state and local governments’ collection and use of personal information. This doesn’t mean agencies are off the hook. There’s already discussion on applying similar controls to California governments.

And with the governor signing five amendments to the CCPA just months from its enforcement date, it proves that data privacy laws are constantly evolving and can shift at a moment’s notice.

To learn how your agency can better prepare itself for data privacy laws like CCPA, read our guide, How CCPA Impacts Public Records Management.