Assembly hearing urges stronger, enforceable privacy rules as surveillance shifts from episodic to ubiquitous
Loading...
Summary
Experts at a California State Assembly Privacy and Consumer Protection Committee hearing warned that surveillance capitalism and AI-driven inference have outpaced notice-and-consent rules and urged clearer statutory limits, stronger enforcement tools, and more resources for regulators to protect Californians’ constitutional privacy rights.
The California State Assembly’s Privacy and Consumer Protection Committee convened an informational hearing on commercial and government surveillance, where academics, labor organizers, and investigative reporters urged state lawmakers to strengthen enforceable privacy protections rather than rely on notice-and-consent frameworks.
Nicole Ozer, executive director of the Center for Constitutional Democracy at UC Law San Francisco, laid out the historical foundation: "The right to privacy is the right to be left alone," she said, tracing California’s constitutional right to privacy to the 1972 amendment (ACA 51) and urging legislators to enact laws that operationalize that constitutional protection for the AI era. Ozer noted judicial decisions in the 1980s and 1990s narrowed remedies for privacy claims and said lawmakers can restore meaningful protection through statute.
Professor Deirdre Mulligan of UC Berkeley described three structural shifts that make past regulatory approaches inadequate: vastly expanded surveillance infrastructure, a wider variety of personal data (including biometrics), and more powerful computational inferences. "Surveillance has become the background condition of everyday life," Mulligan told the committee, adding that enforcement agencies need more technical and interdisciplinary staff and clearer, enforceable statutory definitions.
Panelists and committee members discussed tools already in California law — for example, the California Electronic Communications Privacy Act (CalECPA) and data-broker statutes — but said those laws require stronger enforcement and remedies. Several witnesses recommended statutory mechanisms such as private rights of action, suppression remedies for illegally obtained commercial data, and explicit prohibitions or heightened protections for particularly sensitive categories of information, including some health and children’s data.
Investigative reporting and real-world examples framed the urgency: Jason Kebler of 404 Media described how license-plate-reader and other commercial camera networks can be networked across jurisdictions and sometimes have been used without proper oversight. "Local citizens become guinea pigs for things like autonomous drones, license plate reader technology," Kebler said, pointing to cases where cross-jurisdictional searches were used for immigration enforcement.
Lawmakers pressed for concrete drafting guidance: definitions that avoid unintended consequences for beneficial safety uses, funded enforcement mechanisms, and ways to preserve state authority even if the federal government moves on AI rulemaking. The hearing closed with a public-comment period in which labor and health-care advocates urged worker-focused privacy protections and cautioned against corporate surveillance that undermines safety and trust.
The committee did not vote on legislation; members said the hearing was an advisory step toward possible bills that would combine clear statutory limits on collection and use, stronger enforcement, and heightened protections for categories of data deemed especially sensitive. The committee signaled it will use testimony to inform statutory language and enforcement design in upcoming legislative sessions.
