We support stronger privacy regulations in California

ProtonMail has joined 23 other tech companies to endorse the Privacy for All Act of 2019, which would give millions of people more control over their data.

We want everyone to have access to online privacy and security. It’s why we created ProtonMail and ProtonVPN. But technological tools alone can’t get us there. We need legal frameworks that protect end-to-end encryption and prioritize privacy as a fundamental human right.

In Europe, the General Data Protection Regulation (GDPR) is pushing back against surveillance-based business models and rampant personal data harvesting. By requiring encryption where feasible and forcing companies to legally justify data processing, the GDPR helps users take back control of the personal information they rightfully own.

But privacy isn’t just a European value. In the United States, where privacy protections fall woefully short of modern standards, the California Consumer Privacy Act serves as a testbed for national legislation. The CCPA isn’t as strong as the GDPR, but it’s much better than nothing.

Not every tech company agrees with us. While paying lip service to privacy, Google, Facebook, and Amazon have paid hundreds of thousands of dollars for lobbyists to undermine privacy laws. One of the firms they sponsor has proposed a weaker federal law that would erase California’s progress by preempting state-level privacy regulations.

While some companies are working against consumers, we have joined together with 23 other tech companies to support better privacy safeguards. On Tuesday, we sent a joint letter to the California State Assembly to support the Privacy for All Act of 2019. This amendment to the CCPA is intended to close loopholes and add protections missing from the original law. You can read more about what the Privacy for All Act does here.

Mass surveillance is not a business model that is good for society. ProtonMail and the other signatories of this letter stand as proof that what’s good for privacy and what’s good for tech companies are not mutually exclusive. We strongly support Privacy for All as another step toward online privacy for all Americans.

****

April 16, 2019

Dear Assemblymember Chau,

We are pleased to support A.B. 1760, sponsored by Assemblymember Buffy Wicks, as a vital addition to privacy protections in the state of California. We thank you for your commitment to the essential area of privacy, and your crucial role in the passage of the California Consumer Privacy Act (CCPA) last year.

We are a broad coalition of for-profit companies that share that privacy commitment and support the CCPA. All of us have California customers and we are currently subject to CCPA’s requirements or may be subject to them in the foreseeable future. As companies that put user privacy at the core of our products and services, we also support legislation that builds on CCPA’s foundation. Our relationship with our users is built on trust—trust that the data they provide to us and other companies will be used only in the ways they understand and expect.

A.B. 1760 holds all covered companies to that standard and makes sure that Californians’ information is protected by default. It will give all Californians the knowledge and power to truly control their personal information, as well as the ability to practically exercise and legally enforce their privacy rights, all without being punished with higher prices or degraded service.

We appreciate and support your committee’s important efforts to provide all Californians with the privacy rights they want and deserve. Thank you again for your leadership on this important issue.

Sincerely,

Duck Duck Go, Inc.
Gabriel Weinberg, Founder and CEO

Brave Software Inc.
Dr. Johnny Ryan, Chief Policy & Industry Relations Officer

Proton Technologies AG
Dr. Andy Yen, CEO

Disconnect, Inc.
Casey Oppenheim, CEO

Vivaldi Technologies LLC
Tatsuki Tomita, Chief Operating Officer

Tresorit AG
Istvan Lam, Co-Founder & CEO

Lavabit LLC
Richard Delgado, COO

Fastmail Pty Ltd
Bron Gondwana, CEO

Fastmail US LLC
Helen Horstmann-Allen, COO

Ecosia GmbH
Christian Kroll, CEO & Founder

Mycroft AI Inc.
Eric Jurgeson, Vice-President

Purism, SPC
Todd Weaver, CEO

Discourse, aka Civilized Discourse Construction Kit, Inc.
Jeff Atwood, CEO

Shiny Frog Limited, aka Bear
Matteo Rattotti, Founder

Sgrouples, Inc. dba “MeWe”
Mark Weinstein, Founder & CEO

Nextcloud GmbH
Frank Karlitschek, CEO

Whaller SAS
Thomas Fauré, CEO

Virtru Corp.
Andrea Little Limbago, PhD
Chief Social Scientist

Tutao GmbH, aka Tutanota
Matthias Pfau, Co-Founder

Snips SAS
Dr. Rand Hindi, PhD
Co-Founder & CEO

Bit Chute Limited
Ray Vahey, Founder & CEO

Mailr Tech LLP, aka Canary Mail
Sohel Sanghani, CEO

Conva Ventures Inc., aka Fathom Analytics
Jack Ellis & Paul Jarvis, Directors

Cliqz GmbH, aka Ghostery
Jeremy Tillman, President

You can get a free secure email account from ProtonMail here.

We also provide a free VPN service to protect your privacy.

ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan or donate. Thank you for your support.


About the Author

Ben Wolford

Ben Wolford is a writer at Proton. A journalist for many years, Ben joined Proton to help lead the fight for data privacy.

 

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

3 comments on “We support stronger privacy regulations in California

  • Say I am applying for a mortgage. I need to provide my tax returns, pay stubs, etc to a mortgage broker. That broker has to then share that information with several people like a Title company, underwriters, the investor group that will fund the loan, perhaps a federal agency. Is there anything saying they can’t just use regular email (like g-mail) to send my documents around the internet? Does anything require them to use encrypted messaging or encrypted cloud storage? I would appreciate a blog post detailing the applicable laws in the US and in California. When I was applying for my last mortgage I made the broker allow me to upload documents to a “secure” Microsoft Sharepoint folder but I’m not sure of how private that was or if it just got sent around via gmail after I uploaded it. Thanks for all you do.

    Reply
  • @Roy Cornatzer,

    As a California real estate Broker I can answer your question. No, there are no laws requiring encryption of data in transit or data at rest in the real estate industry. Banks and lender will often request data via secure messaging. Of the ones I’ve talked with about it, the encryption came from a corporate policy rather than a law. GLBA may require it of the banks, not sure.

    Most escrow and real estate companies don’t know what encryption is. I spent over 10 years working in Info Sec in the retail (PCI) and hospital (HIPAA) worlds, so we do utilize encryption and privacy.

    Reply