BILL ANALYSIS �Ó
SENATE JUDICIARY COMMITTEE
Senator Noreen Evans, Chair
2011-2012 Regular Session
SB 602 (Yee)
As Amended March 30, 2011
Hearing Date: April 12, 2011
Fiscal: Yes
Urgency: No
SK:rm
SUBJECT
Reader Privacy Act
DESCRIPTION
This bill, sponsored by the American Civil Liberties Union
(ACLU) and the Electronic Frontier Foundation (EFF), would enact
the Reader Privacy Act placing restrictions on commercial
businesses that offer "book services"-the rental, purchase,
borrowing, browsing, or viewing of books-to the public. Under
the bill, a book services provider may not knowingly disclose to
any government entity, or be compelled to disclose to any person
or entity, the personal information of a user related to the use
of a book, except pursuant to a search warrant, court order, or
with the user's affirmative consent, as specified. The
information could also be disclosed if there was an imminent
danger of death or serious physical injury that required the
immediate disclosure or if the provider believes in good faith
that the personal information is evidence directly related and
relevant to a crime against the provider or the book service
user.
BACKGROUND
The sale of electronic books (e-books) has increased
significantly over the last several years. A recent report by
the Association of American Publishers indicated that sales of
e-books in January 2011 "increased by more than 115 percent
compared to the same time the year before." ("E-book sales jump
at the start of 2011," The Christian Science Monitor, March 18,
2011.) That same report showed that "e-book net sales increased
to $69.9 million compared to $32.4 million in January, 2010."
(Id.) Sales of hardcover and paperback books, in contrast,
�
SB 602 (Yee)
Page 2 of ?
continued to fall; from $55.4 million in January 2010 to $49.1
million in January 2011 for adult hardcover books. Sales of
paperback books fell 30 percent in the same period. Amazon now
sells more of its electronic Kindle books than both paperback
and hardcover books. ("Amazon.com announces fourth quarter
sales up 36% to $12.95 billion," Amazon.com, January 27, 2011.)
And, in December 2010, Barnes & Noble reported that its e-book
outsold physical books on its website, including 1 million
e-books on Christmas Day alone. ("E-book sales surpass physical
book sales on Barnes & Noble website," ITWorld.com, December 31,
2010.)
As e-books have increased in popularity so have privacy concerns
associated with their use. Amazon's Kindle permits users to
instantly download books to the device, but, according to a
recent report on National Public Radio, that same technology
"also makes it possible for the device to transmit information
back to the manufacturer. 'They know how fast you read because
you have to click to turn the page,' says Cindy Cohn, legal
director at the nonprofit Electronic Frontier Foundation. 'It
knows if you skip to the end to read how it turns out.'" ("Is
your e-book reading up on you?" National Public Radio, December
15, 2010.") A March 2010 report further described the privacy
implications of e-books:
Digital book services have the ability to collect and retain
very detailed information about readers. The level of detail
that these services can collect would require an offline
library or bookstore to hire an agent to follow each
individual patron around the stacks, throughout their day, and
finally into their homes. Digital book providers can easily
track what books an individual considers, how often a given
book is read, how long a given page is viewed, and even what
notes are written in the "margins." As reading has moved
online, it also has become much easier to link books that are
browsed or read with a reader's other online activities, such
as Internet searches, emails, cloud computing documents, and
social networking. With all of this information, companies
can create profiles about individuals, their interests and
concerns, and even those of their family and friends.
This tracking is already occurring. For example, Google Books
currently tracks: 1) a reader's initial search query; 2) the
specific book browsed and page viewed; 3) the date/time of the
search or page view; 4) the reader's Internet Protocol
address, browser, and computer operating system; and 5) one or
more cookies that uniquely identify the reader's browser. . .
�
SB 602 (Yee)
Page 3 of ?
. Amazon can and does track similar information on readers
who use its Kindle. As each Kindle is unique and automatically
linked to one particular account holder, the potential for
tracking specific reading habits may be even greater than with
Google Books. Amazon retains information about the books,
magazine subscriptions, newspapers and other digital content
on the Kindle and the reader's interaction with that content.
This includes an automatic bookmark of the last page read, the
content deleted from the device, and any annotations,
bookmarks, notes, highlights, or similar markups made by the
reader. The company's control over its users' reading habits
extends beyond merely tracking them. Amazon's ability to
control content on the Kindle has allowed it to delete whole
books without the account holder's knowledge or consent.
("Digital Books: A New Chapter for Reader Privacy," ACLU of
Northern California, March 2010, p. 7, available online at
www.dotrights.org.)
Given that these book service providers compile significant
amounts of very personal information and in order to provide
clear guidelines for government and some third-party access to
that information, this bill would prohibit those providers from
knowingly disclosing a user's personal information to a
government entity or being compelled to disclose that
information to any person or entity, except in specified
circumstances. This bill would apply to both online and
physical, brick and mortar book service providers.
CHANGES TO EXISTING LAW
Existing law , the U.S. Constitution, provides that Congress
shall make no law . . . abridging the freedom of speech. (U.S.
Const. amend. I.) The First Amendment is binding on the states
through the due process clause of the Fourteenth Amendment.
(Gitlow v. New York (1925) 268 U.S. 652.)
Existing law , the U.S. Constitution, provides that "İt]he right
of the people to be secure in their persons, houses, papers, and
effects, against unreasonable searches and seizures, shall not
be violated, and no Warrants shall issue, but upon probable
cause, supported by Oath or affirmation, and particularly
describing the place to be searched, and the persons or things
to be seized." (U.S. Const. amend. IV.)
Existing law , the California Constitution, provides that all
people have inalienable rights, including the right to pursue
�
SB 602 (Yee)
Page 4 of ?
and obtain privacy. (Cal. Const. art. I, sec. 1.)
Existing law , the California Constitution, guarantees that
"İe]very person may freely speak, write and publish his or her
sentiments on all subjects, being responsible for the abuse of
this right. A law may not restrain or abridge liberty of speech
or press." (Cal. Const. art. I, sec. 2.)
Existing law requires businesses that own or license personal
information about California residents to implement and maintain
reasonable security procedures and practices appropriate to the
nature of the information, to protect the personal information
from unauthorized access, destruction, use, modification, or
disclosure. (Civ. Code Sec. 1798.81.5.)
Existing law defines "personal information" to mean any
information that identifies, relates to, describes, or is
capable of being associated with, a particular individual,
including, but not limited to, his or her name, signature,
social security number, physical characteristics or description,
address, telephone number, passport number, driver's license or
state identification card number, insurance policy number,
education, employment, employment history, bank account number,
credit card number, debit card number, or any other financial
information, medical information, or health insurance
information. (Civ. Code Sec. 1798.80.)
Existing law provides various grounds for the issuance of a
search warrant and specifies that a search warrant cannot be
issued but upon probable cause supported by affidavit, naming or
describing the person to be searched or searched for, and
particularly describing the property, thing, or things and the
place to be searched. (Pen. Code Secs. 1524, 1525.)
Existing law , the Civil Discovery Act, provides for the scope of
discovery in civil actions and permits a party to obtain
discovery by inspecting documents, tangible things, land or
other property, and electronically stored information. (Code
Civ. Proc. Sec. 2016.010 et seq.)
Existing law exempts library circulation records from disclosure
under the California Public Records Act. Existing law provides
that those library records are confidential and shall not be
disclosed to any person, local agency, or state agency except:
(1) to a person acting within the scope of his or duties within
library administration; (2) to a person with written
�
SB 602 (Yee)
Page 5 of ?
authorization from the individual to whom the records pertain;
or (3) by order of the appropriate superior court. (Gov. Code
Secs. 6254(j), 6267.)
Existing state and federal law prohibit video stores from
disclosing a customer's personal information, including video
tape sales or rental information, to any other person without
the written consent of the customer, except in certain
circumstances. (18 U.S.C. Sec. 2710; Civ. Code Sec. 1799.3.)
This bill would provide that a book service provider may not
knowingly disclose to any government entity, or be compelled to
disclose to any person or entity, a user's personal information
related to the use of a book or part of a book, except that:
a.a book service provider must disclose a user's personal
information pursuant to a search warrant issued by a duly
authorized court with jurisdiction over an offense under
investigation if the following conditions are met: (i) the
court issuing the warrant finds that the person or entity
seeking disclosure has a compelling interest in obtaining the
personal information sought; (ii) the court issuing the
warrant finds that the information cannot be obtained through
less intrusive means; (iii) the person or entity seeking
disclosure gives the provider reasonable notice of the
proceeding prior to issuance of the warrant; (iv) the provider
is given the opportunity to appear and contest the issuance of
the warrant prior to its issuance; and (v) notice of the
warrant is given to the book service user contemporaneous with
execution of the warrant, unless there is a judicial
determination of a strong showing of necessity to delay that
notification for a reasonable period of time, not to exceed
seven days;
b.a book service provider must disclose a user's personal
information pursuant to a court order in a pending civil or
administrative action provided that the following conditions
are met: (i) the court issuing the discovery order finds that
the person or entity seeking disclosure has a compelling
interest in obtaining the personal information sought; (ii)
the court issuing the discovery order finds that the
information cannot be obtained through less intrusive means;
(iii) the person or entity seeking disclosure takes reasonable
steps to provide the user and the provider with reasonable
notice of the proceeding prior to the issuance of the court
order so that the user and provider have the opportunity to
�
SB 602 (Yee)
Page 6 of ?
appear and contest the issuance of the court order; and (iv)
the provider refrains from disclosing the personal information
until it provides notice to the user about the issuance of the
court order and the ability to appear and quash the order and
the user has been given a reasonable opportunity to appear and
quash the order;
c.a book service provider must disclose the user's personal
information to any person with the informed, affirmative
consent of that user;
d.a book service provider may disclose the user's personal
information to a government entity if the government entity
asserts-and the book service provider in good faith
believes-that there is an imminent danger of death or serious
physical injury requiring the immediate disclosure of the
information and there is insufficient time to obtain a
warrant. Under this exception, the government entity must
give to the provider a written statement describing the facts
giving rise to the emergency upon request or no later than 48
hours after seeking disclosure; and
e.a book service provider may disclose a user's personal
information to a government entity if the provider believes in
good faith that the personal information is evidence directly
related and relevant to a crime against the provider or that
book service user.
This bill would require any court issuing a search warrant or
civil discovery order requiring disclosure of a book user's
personal information to impose appropriate safeguards against
the unauthorized disclosure of personal information by the
provider pursuant to the warrant or order.
This bill would provide that, except as proof in an action for a
violation of the bill's provisions, no evidence obtained in
violation of the bill shall be admissible in any civil,
administrative, or other proceeding.
This bill would make violations of its provisions subject to the
following penalties:
a.a provider who knowingly provides a book service user's
personal information to a government entity in violation of
the bill's provisions shall be subject to a civil penalty of
up to $500 for each violation, which may be recovered in a
�
SB 602 (Yee)
Page 7 of ?
civil action brought by the book user; and
b.a provider who knowingly provides a user's personal
information to a government entity in violation of the bill on
three or more occasions in any six-month period shall also be
subject to a civil penalty of up to $500 for each violation
which may be assessed and recovered in a civil action brought
by the Attorney General, any district attorney, city attorney,
or specified city prosecutor. This bill would allocate any
penalties collected when an action is brought by these
government entities, as specified.
This bill would provide that a civil action brought pursuant to
the bill must be commenced within two years after the date upon
which the claimant first discovered the violation.
This bill would provide that, if a book service provider
reasonably relies on a warrant or court order for the release of
a user's personal information or relies on any of the bill's
specified exceptions to confidentiality, that reliance is a
complete defense to any civil, administrative, or criminal
action provided that the reasonable reliance is objective.
This bill would require a book service provider to prepare a
report to be made publicly available in an online, searchable
format by March 1 of every year. That report must include
specified information, including the number of federal and state
warrants requesting disclosure of a user's personal information
that the provider has received in the previous year. The report
must also include this same information for any grand jury
subpoenas, civil and administrative subpoenas, court orders, and
requests for information made with the user's informed consent
received by the provider during the prior year.
This bill would also require that the report contain the number
of times that personal information has been disclosed by the
provider, the number of times that the provider contests the
demand for information, and the number of times that the user
contests the demand.
This bill would provide that nothing in the bill shall otherwise
affect the rights of any person under the California
Constitution or any other law.
This bill would contain related definitions, including defining
"personal information" to mean any information described in
�
SB 602 (Yee)
Page 8 of ?
Civil Code Section 1798.80.
COMMENT
1.Stated need for the bill
In support of the bill, the author writes:
As readers increasingly move away from borrowing books from
libraries and buying physical books in bookstores and toward
using electronic devices and online book services to access
and read books, California statutory law needs to codify the
privacy and free speech safeguards for expressive records
guaranteed by the California Constitution . . .
Currently, reader protections in California statutory law only
extend to library records, not records from books browsed or
purchased from online or physical booksellers. Current
federal law also does not safeguard book records.
As Californians increasingly rely on online services to
browse, read, and buy books, it is essential that state law
keep pace and safeguard readers in the digital age. Many
bookstores already collect information about readers and their
purchases. Digital book services collect even more detailed
information: which books are browsed, how long each page is
viewed, and digital notes made in the margins. Current law
doesn't anticipate this new digital reality. Without strong
privacy protections, the reading records increasingly kept by
companies can be targeted by government surveillance as well
as in legal proceedings like divorce cases and custody
battles. İcitations omitted.]
Co-sponsor ACLU writes that "İu]nder SB 602, consumers may feel
more comfortable using new digital book services and technology
without worrying that their personal information will be
unprotected. California should promote the use of new
technology by ensuring that upgraded technology does not mean
downgraded privacy."
EFF, co-sponsor, writes in support:
The books we choose to read reveal privacy information about
our political and religious beliefs, health concerns, and our
personal lives. Maintaining reader privacy is fundamental to
the dignity of Californians and to ensure that they can
continue to enjoy the full range of freedom of expression,
�
SB 602 (Yee)
Page 9 of ?
inquiry and thought.
2.Privacy and free speech safeguards for expressive materials
Under this bill, a book services provider may not knowingly
disclose a user's personal information to any government entity,
or be compelled to disclose to any person or entity, except as
specified. The author indicates that, with respect to
expressive materials such as books and e-books, SB 602 "codifies
the First and Fourth Amendments and the privacy and free speech
provisions of the California Constitution."
Expressive materials such as books and other reading materials
have long been protected under both state and federal law. The
First Amendment to the U.S. Constitution "protects more than
simply the right to speak freely," it includes also the right to
distribute and sell expressive materials and the right to
receive information and ideas. (Tattered Cover v. City of
Thornton (2002) 44 P. 3d 1044, 1051.) In United States v.
Rumely (1953) 345 U.S. 41, the U.S. Supreme Court held that it
was unconstitutional for the government to require a publisher
of political books to disclose the names of purchasers of his
books, stating, "İo]nce the government can demand of a publisher
the names of the purchasers of his publications, the free press
as we know it disappears. Then the spectre of a government
agent will look over the shoulder of everyone who reads. The
purchase of a book or pamphlet today may result in a subpoena
tomorrow. Fear of criticism goes with every person into the
bookstall." (Id. at 57.)
More recently, a federal district court in Wisconsin ruled on a
motion to quash a grand jury subpoena that initially sought the
identities of thousands of Amazon customers who had purchased
books from the target of the grand jury's tax evasion
investigation. Amazon refused to identify any of its customers
to the government, arguing that they had a "First Amendment
right to maintain the privacy of their reading choices." (In re
Grand Jury Subpoena to Amazon.com (2007) 246 F.R.D. 570, 572.)
The court agreed, noting "it is an unsettling and un-American
scenario to envision federal agents nosing through the reading
lists of law-abiding citizens while hunting for evidence against
somebody else. . . . if word were to spread across the
Net-and it would-that the FBI and the IRS had demanded and
received Amazon's list of customers and their personal
purchases, the chilling effect on expressive e-commerce would
frost keyboards across America." (Id. at 573.)
�
SB 602 (Yee)
Page 10 of ?
As the author notes, California's Constitution contains
important privacy safeguards for expressive materials, providing
that all people have inalienable rights, including the right to
pursue and obtain privacy. (Cal. Const. art. I, sec. 1.) The
state Constitution also guarantees that "İe]very person may
freely speak, write and publish his or her sentiments on all
subjects, being responsible for the abuse of this right. A law
may not restrain or abridge liberty of speech or press." (Cal.
Const. art. I, sec. 2.)
As expressive materials move towards the digital age and e-books
increase in popularity, these privacy safeguards may be
challenged. As described in more detail below, many provisions
contained in this bill are based on case law and California's
constitutional privacy protections.
3.Prohibition against disclosure
This bill would provide that a book services provider shall not
knowingly disclose to any government entity, or be compelled to
disclose to any person or entity, the personal information of a
user related to the use of a book or part of a book, except as
specified. (See Comment 4 for discussion of these exceptions.)
a. Prohibition on knowing disclosures limited to government
entities; knowing disclosures to third parties permitted
This bill would prohibit the knowing disclosure of a user's
personal information to any government entity. The intent of
this provision is to prohibit book service providers from
disclosing a user's personal information simply upon the
request of law enforcement or other government entities
(without a warrant).
This provision does not, however, apply to any other person or
entity. As a result, the bill would permit a book services
provider to knowingly disclose a user's personal information
to any other person or entity, including, potentially, third
party marketers.
The sponsor has acknowledged that the bill does not address
disclosure of a user's personal information to third parties,
including marketers, but indicates its preference for limiting
the knowing disclosure provision to government entities at
this time.
�
SB 602 (Yee)
Page 11 of ?
b. Prohibition on compelled disclosures limited to any person
or entity
This bill would provide that a book services provider shall
not be compelled to disclose a user's personal information to
any person or entity. The sponsor indicates that this
provision is intended to include government entities as well.
The following suggested amendment would clarify this point:
Suggested amendment:
On page 3, line 17 strike "or entity" and insert ", entity
or government entity"
c. Disclosure limited to a user's personal information
related to the use of a book or part of a book
Under this bill, book service providers may not knowingly
disclose, or be compelled to disclose, a user's "personal
information related to the use of a book of part of a book."
The bill also defines "personal information" to mean any
information described in Civil Code Section 1798.80 and to
specifically include a unique identifier or Internet Protocol
(IP) address when that identifier or address is being used to
identify, relate, describe, or be associated with, a
particular individual. The definition also includes "any
information associated with a particular user's access or use
of a book service or a book in whole or partial form."
Because the definition of personal information already
includes information associated with the user's use of the
book, it is not clear what the phrase "a user's personal
information related to the use of a book or part of a book"
means. That phrase appears to limit the personal information
that is protected from disclosure to only that information
related to the use of the book, or part of the book. In other
words, it could be interpreted by a provider to mean only
information such as the specific book browsed and page viewed
and any notes or highlights made and not other personal
information like a user's name or address.
The following suggested amendments would address this concern
and clarify the definition of "personal information:"
Suggested amendments:
�
SB 602 (Yee)
Page 12 of ?
1. On page 3, strike lines 6 to 12 and insert:
(4) "Personal information" means all of the following:
(A) Any information that identifies, relates to, describes, or
is associated with a particular user, including, but not
limited to, information specifically listed in Section
1798.80.
(B) A unique identifier or Internet Protocol address when that
identifier or address is being used to identify, relate to,
describe, or be associated with, a particular user of a book
service or book, in whole or partial form.
(C) Any information that relates to or is capable of being
associated with a particular user's access or use of a book
service or a book in whole or partial form.
2. On page 3, strike lines 18 and 19 and insert: "any
personal information of a user, except"
1.Exceptions to no-disclosure rule
This bill would prohibit a book services provider from knowingly
disclosing a user's personal information to a government entity
or being compelled to disclose that information to any person or
entity, except in the following five circumstances: (1) pursuant
to a search warrant; (2) pursuant to a court order; (3) with the
informed, affirmative consent of the user; (4) if there is an
imminent danger of death or serious physical injury; or (5) if
the provider believes in good faith that the personal
information is evidence directly related and relevant to a crime
against the provider or the book service user. These five
exceptions are discussed in turn below.
a. Search warrant as part of an investigation of an offense
Under this bill, a book services provider must disclose a
user's personal information pursuant to a search warrant
issued by a duly authorized court with jurisdiction over an
offense under investigation provided that five specified
conditions are met. First, the court issuing the warrant must
find that the person or entity seeking disclosure has a
compelling interest in obtaining the personal information
sought. The author and his sponsors indicate that case law
supports this standard, pointing to White v. Davis (1974) 13
Cal.3d 757, in which the California Supreme Court held that
the state's constitutional right to privacy requires the
�
SB 602 (Yee)
Page 13 of ?
government to establish a compelling justification for
government information gathering.
Second, the court issuing the warrant must find that the
information cannot be obtained through less intrusive means.
The author and his sponsors assert that support for this
standard can be found in Brillantes v. Superior Court (1996)
51 Cal.App.4th 323, 343 in which the court noted that ". . .
the state must utilize the 'least intrusive means' to satisfy
its interest."
Third, the person or entity seeking disclosure must give the
provider reasonable notice of the proceeding prior to issuance
of the warrant, and, fourth, the provider must be given the
opportunity to appear and contest the issuance of the warrant
prior to its issuance. A 2002 opinion by the Colorado Supreme
Court provides support for these two standards, according to
the author and his sponsors. In Tattered Cover v. City of
Thornton (2002) 44 P. 3d 1044, 1047, the court held ". . . the
Colorado Constitution requires that the innocent bookseller be
afforded an opportunity for an adversarial hearing prior to
execution of a search warrant seeking customer purchase
records." The sponsors rely on the Tattered Cover decision
because it was "largely based upon a reading of free speech
language in the Colorado constitution that is substantially
identical to California's provision."
Finally, a book services provider may disclose a user's
personal information pursuant to a warrant only if notice of
the warrant is given to the book service user contemporaneous
with execution of the warrant, unless there is a judicial
determination of a strong showing of necessity to delay that
notification for a reasonable period of time, not to exceed
seven days. The sponsors point to other provisions of privacy
law which require prior notice to the individual. For
example, Penal Code Section 637.5 requires cable companies to
"promptly notify the subscriber of the nature of the request
and what government agency has requested the information prior
to responding İto the request] unless otherwise prohibited
from doing so by law." Similarly, federal law requires that
court orders authorizing disclosure of a customer's video tape
sales or rental information to law enforcement be issued only
with prior notice to the customer. (18 U.S.C. Sec.
2710(b)(3).)
Co-sponsor ACLU further points out the importance of notice to
�
SB 602 (Yee)
Page 14 of ?
the user in a recent issue paper, stating "İa]nd if a digital
book service does disclose records about its customers, the
readers may never know. For example, Amazon's privacy policy
explicitly exempts most disclosure situations from its promise
to provide notice to users if their information is shared."
("Digital Books: A New Chapter for Reader Privacy," ACLU of
Northern California, March 2010, p. 7, available online at
www.dotrights.org.)
b. Court order in a civil or administrative action
This bill would also provide an exception to the general
no-disclosure rule in instances in which there was a court
order in a pending civil or administrative action provided
that four specified conditions are met (several of these are
substantially similar to those discussed above under Comment
4a). First, the court issuing the discovery order must find
that the person or entity seeking disclosure has a compelling
interest in obtaining the personal information sought.
Second, the court issuing the discovery order must find that
the information cannot be obtained through less intrusive
means.
Third, the person or entity seeking disclosure must take
reasonable steps to provide the user and the provider with
reasonable notice of the proceeding prior to the issuance of
the court order so that the user and provider have the
opportunity to appear and contest the issuance of the court
order. And, fourth, the provider must refrain from disclosing
the personal information until it provides notice to the user
about the issuance of the court order and the ability to
appear and quash the order and the user has been given a
reasonable opportunity to appear and quash the order.
Staff notes that these provisions, allowing for disclosure of
a user's personal information only where the four specified
conditions are met, provide a different standard for discovery
and the production of evidence in civil matters relating to
this particular information. The sponsors assert that this is
appropriate because the expressive records at issue are
protected by both the constitutional right to privacy and the
First Amendment. Disclosure of those records, they continue,
implicates both of these fundamental rights.
c. Informed, affirmative consent
�
SB 602 (Yee)
Page 15 of ?
This bill would permit the disclosure of personal information
about a book service user to any person with the "informed,
affirmative consent" of that user. While that language makes
clear that an implied consent is not sufficient to permit
disclosure, it still arguably creates a potential loophole in
the bill's privacy protections. For example, a book service
provider could give a customer general information about its
privacy practices when he or she first signs up for the
service and obtain that customer's consent to permit his or
her information to be shared for one purpose. Later, that
same information could be shared for a different purpose under
the language of this bill. The following amendment would
address this concern:
Suggested amendment:
On page 4, strike line 24 and insert "to any person provided
that the user has given his or her informed, affirmative
consent to the specific disclosure for a particular
purpose."
d. Imminent danger of death or serious physical injury
This bill would also permit a book service user's personal
information to be disclosed to a government entity if the
government entity asserts-and the book service provider in
good faith believes-that there is an imminent danger of death
or serious physical injury requiring the immediate disclosure
of the information and there is insufficient time to obtain a
warrant. Under this exception, the government entity must
give to the provider a written statement describing the facts
giving rise to the emergency upon request or no later than 48
hours after seeking disclosure.
e. Good faith belief
Finally, this bill provides that a book service provider may
disclose a user's personal information to a government entity
if the provider believes in good faith that the personal
information is evidence directly related and relevant to a
crime against the provider or that book service user.
1.Objectively reasonable reliance
This bill would provide that an objectively reasonable reliance
by a book service provider on a warrant or court order for the
�
SB 602 (Yee)
Page 16 of ?
release of a user's personal information, or on any of the
bill's exceptions to confidentiality, is a complete defense to
any civil, administrative, or criminal action.
2. Penalty provisions
This bill would make violations of its provisions subject to
specified penalties, including that a provider who knowingly
provides a book service user's personal information to a
government entity in violation of the bill's provisions would be
subject to a civil penalty of up to $500 for each violation,
which may be recovered in a civil action brought by the book
user.
In addition to that penalty, a book service provider who
knowingly provides a user's personal information to a government
entity in violation of the bill on three or more occasions in
any six-month period would also be subject to a civil penalty of
up to $500 for each violation which may be assessed and
recovered in a civil action brought by the Attorney General, any
district attorney, city attorney, or specified city prosecutor.
While the sponsors indicate that this language is based on an
existing provision of law relating to rentals of videotapes, the
provision raises the policy question of whether providers
should, in essence, get two "free" bites of the apple every six
months. Under this language, a provider could knowingly
disclose a user's personal information to a government agency
simply upon that agency's request (and in violation of the bill)
twice in a six-month period. They would also then be permitted
to violate the bill again in month seven. If the Committee
elects to address this issue, the following amendment would
permit public prosecutors to address these violations of the
bill:
Suggested amendment:
On page 5, line 20, strike "on three or more occasions in any
six-month period"
3.Technical amendments needed
In order to correct a drafting error and make other necessary
technical changes, this bill should be amended as follows:
On page 4, line 7, strike "discovery" and insert "court"
�
SB 602 (Yee)
Page 17 of ?
On page 4, line 10, strike "discovery" and insert "court"
On page 4, line 39, strike "discovery" and insert "court"
On page 5, line 14, strike "use" and insert "user"
Support : Californians Aware; Consumer Federation of California;
Calegislation; Privacy Activism; Privacy Rights Clearinghouse;
one individual
Opposition : None Known
HISTORY
Source : American Civil Liberties Union (ACLU); Electronic
Frontier Foundation
Related Pending Legislation : SB 445 (Simitian) would clarify
that written and electronic patron library records, as
specified, are confidential and exempt from public disclosure,
with certain exceptions. This bill is pending in the Assembly.
Prior Legislation : None Known
**************