Security sign in the hand of the engineer concept design.

A ballot initiative was recently proposed in California to give consumers privacy rights similar to those granted by the EU’s General Data Protection Regulation. The initiative, called the California Consumer Privacy Act of 2018, would make it possible for residents of the state to find out how businesses handle their personal data, including what information is collected and how it’s shared.

In addition to empowering consumers to discover how businesses collect and use data, the law also allows consumers to hold businesses liable for “security breaches of consumers’ data, even if consumers cannot prove injury.”

The measure itself states that its implementation would be expected to cost potentially in the “low tens of millions of dollars annually… some or all of which would be offset by increased penalty revenue or settlement proceeds authorized by the measure,” but goes on to say that it would have an [u]nknown impact on state and local tax revenues due to economic effects resulting from new requirements on businesses to protect consumer information.”

The initiative is currently supported by several consumer advocacy groups and the privacy-centric internet service DuckDuckGo. It has been met with opposition from telecommunication companies such as AT&T, Comcast, Google, and Verizon, as well as Facebook, which contributed $200,000 to fight its passage.

The Privacy Act would apply to every company that uses the data of California residents, which would accordingly have far-reaching consequences for online companies. It currently requires 365,880 signatures to qualify it for entry on the 2018 California ballot.

Read more about it here.