Voters chose their digital rights on Election Day

Residents of California, Massachusetts, and Maine had their say over facial recognition, data gathering, and the right to repair vehicles

Jamie

Jamie is always hungry. He also writes about digital privacy in exchange for sandwiches.

Encrypted code going into a ballot box.

On Tuesday, U.S. voters didn’t just cast ballots for who they wanted to be their president—several states and cities also voted for legislation that will further protect their digital rights.

On the ballots in California, Massachusetts, and Portland, Maine, were issues ranging from facial recognition and data gathering to the right to repair their own smart vehicles. Here’s how they voted.

[Want to know more about your digital rights? Sign up for the ExpressVPN Blog Newsletter.]

California is placing further restrictions on big tech

California voters further strengthened the California Consumer Privacy Act (CCPA) by voting in favor of Proposition 24, which closes existing loopholes by adding protection around “sensitive” areas including race, health, religion, location, and biometric data.

CCPA will be replaced by the California Consumer Privacy Rights Act (CPRA) when it comes into effect in 2023. It will make it more difficult for Facebook and Google to track consumer activity through third parties and for companies to sell data to each other. The act also calls for the establishment of a state agency to enforce privacy law.

While the details of the law are yet to be finalized, the bill’s writer, Alastair Mactaggart, who founded the Californians for Consumer Privacy group and also wrote the CCPA, told Recode  of his hopes for data privacy laws on a federal level: “I think you’ll start to see more of a push to get good protections in the country. And if that doesn’t work, I think other big states will adopt something like ours.”

It’s worth noting that such strict regulations coming from the home of Silicon Valley is consistent with its handling of big tech companies residing in the state. And because it’s home to many big tech companies, California stands to influence data privacy laws at large in the U.S. and maybe further.

Portland, Maine, is strengthening its facial-recognition ban

Portland, Maine’s most populous city, has become the latest place in the U.S. to solidify its preliminary ban on facial recognition among city employees. San Francisco pioneered such a rule with its preemptive ban in May last year. Since then, Boston, Oakland, Cambridge, and Berkeley have followed suit, amid growing concerns about recent advancements in facial recognition technology, its accuracy, and its prevalence.

The new measure passed will allow Portland’s citizens to sue the city for illegal surveillance and receive up to 1000 USD per violation, excluding lawyers’ fees. Such violations would also be grounds for suspension or termination of employment for city employees.

It is not as restrictive as the rule passed in Oregon’s Portland, which also bans private businesses from using facial recognition technology in their surveillance. There is also a congressional bill that aims to ban federal law-enforcement agencies from using the technology altogether.

If you want to see where facial-recognition technology might be used in your state, check Fight for the Future’s interactive map.

Massachusetts is expanding consumers’ right to repair vehicles

You may be familiar with the right-to-repair debate surrounding smartphones and other portable electronic devices. In Massachusetts, the right-to-repair debate concerned a much bigger device, with voters deciding to require carmakers to give consumers access to their cars’ wirelessly transmitted data—that’s in addition to the mechanical data that had been required already.

This gives car owners the ability to “access and share data generated by the operation of the vehicle with independent repair shops.”

This vote amends Massachusetts’s right-to-repair law in 2012, which exempted vehicles with telematic systems that make wireless telecommunications in a vehicle possible. The amendment now gives drivers the ability to fix their car without having to go through the original manufacturer, which gives drivers more choice surrounding how they can fix their cars.

Like with California’s new restrictions on data collection, Massachusetts’s requirements for companies to comply with the new right-to-repair law could trigger a new nationwide standard for the automobile industry.

And what about on the federal level?

Things have been going a lot more slowly when it comes to enacting consumer-friendly laws protecting digital privacy and freedoms.

In fact, in recent years, legislation on a national level has arguably done more harm than good, with attempts to eradicate encryption via the EARN IT bill, undermine net neutrality, and allowing the sale of consumer ISPs for profit.

But these three new regulations, though localized, signal a shift. We expect more to come.

Also read: Limiting the president’s power to shut down the internet

Jamie writes about current issues concerning digital privacy and security and is known to interview leading figures in tech. He also keeps an eye on changes in government censorship and surveillance.