Skip to Content
MIT Technology Review

Three places where data is on the ballot this November

How voters in California, Michigan, and Massachusetts will help shape the future of data privacy and control across the United States.

October 26, 2020
2016 voters in booths2016 voters in booths
Shelby Lum/Richmond Times-Dispatch via AP

The 2020 election may be among the most consequential in modern memory, but it’s not just candidates that are on the ballot. Voters in 34 states are deciding on 129 measures, including several that touch on the way we use technology.

Among these are three initiatives in California, Massachusetts, and Michigan that could affect access to and control of data, with national implications for both citizen and consumer rights. 

State and local initiatives are typically bellwethers, with successful ones serving as models for other states. And in areas such as data and technology, where there aren’t always federal regulations, state laws can often become the de facto national policy when companies choose to match the highest regulatory standard.

Here are three ballot initiatives worth watching on November 3. 

California: Will Proposition 24 expand privacy protections? 

California’s Proposition 24, the “Consumer Personal Information Law and Agency Initiative,” seeks to expand the state’s data privacy law, the California Consumer Protection Act.  The CCPA went into effect in January and already represents the country’s most comprehensive privacy bill. 

Prop 24 would close several perceived gaps in the current law. It would create an enforcement agency, change its “Do not sell” provision to “Do not sell or share,” and expand the type of sensitive information that users could opt out of sharing with advertisers, like data on health, race, genetics, sexual orientation, religious beliefs, and union membership. Additionally, Prop 24 would allow the new enforcement agency to take immediate action, including fines, for CCPA violations, rather than wait out the 30-day grace period that companies currently receive to “cure” the breach.

But these expanded privacy measures come at a cost. Consumers would still have to opt into the protections, rather than opt out, and companies would be allowed to charge more for goods and services to make up for revenue they lose by not getting to sell data. This could make it harder for low-income and other marginalized groups to exercise their privacy rights. 

Prop 24 has divided privacy- and rights-oriented groups like the NAACP (which is for the bill), the ACLU (which is against it), and the Electronic Frontier Foundation (which has remained neutral, calling it “a mixed bag of partial steps forward and backwards”). Tech companies and associations like the Internet Association and chambers of commerce have remained surprisingly quiet. 

Spending on the Yes campaign has vastly outstripped No, with most money coming from Bay Area real estate developer Alastair Mactaggart, who was behind both this proposition and the earlier one that led to the CCPA. An October poll commissioned by the Yes on Prop 24 campaign showed that 77% of Californians were in favor of the measure.

But regardless of the outcome, other states will likely follow suit. California’s CCPA led to at least nine similar regulations across the country, in states including Maryland, Nevada, and Massachusetts. 

Massachusetts: Who should own your car’s wireless data? 

While voters in California are considering how best to protect consumer data, Question 1 in Massachusetts asks voters to consider how, and with whom, consumer data should be shared. 

The data in question is the wireless information transmitted by cars, known as telematics. If the question passes, cars made in 2022 or later and sold in Massachusetts would be required to have standardized, open-access telematics systems accessible to the owner or anyone else. In practice, this means third-party repair shops, who are leading the support for the bill. 

Ultimately, the debate is about consumers’ right to choose who gets to repair their devices. 

Massachusetts passed the country’s first right-to-repair law in 2013, requiring car manufacturers to sell diagnostic data to third-party shops. But that did not include wireless data, which would be covered by this measure. 

Car manufacturers are opposed, saying the measure does not give them enough time to safely update car systems without exposing them to security risks. But each side also has broader support at the national level. The National Highway Traffic Safety Administration echoes concerns about cybersecurity, while Senators Bernie Sanders and Elizabeth Warren, as well as consumer groups like Consumer Reports, support the legislation. Warren, the state’s senior senator, has called for national right-to-repair legislation. 

The outcome of this ballot initiative will have broad implications outside Massachusetts; the 2013 law led car manufacturers to share their data across the country. 

Michigan: Requiring search warrants for electronic data  

While the ballot initiatives in California and Massachusetts have support and opposition on both sides, voters in Michigan are expected to overwhelmingly support the state’s Proposition 2, which would require a search warrant for electronic data and communications. According to Ballotpedia, the proposal has no known opposition. 

It joins a number of other state regulations explicitly regulating police access to electronic data. In 2014, Missouri became the first state to protect electronic communications from search and seizure, and New Hampshire passed a similar bill in 2018; both were overwhelmingly popular, with support from 80% of voters in Missouri and 75% in New Hampshire. 

In 2019, Utah went a step further, becoming the first state to protect electronic data collected from third parties or remote servers—including  social-media data, search histories, and cell-phone location data—from warrantless access. It also passed unanimously.