Law360

On Nov. 6, 2018, voters in San Francisco will decide whether to enact the city’s “Privacy First Policy” that aims to protect the personal information of residents and visitors from abuse by companies doing business in San Francisco. The policy establishes a set of privacy principles to guide the city’s government when considering the adoption of privacy policies, laws, and regulations, and when determining whether to issue permits, licenses, or other entitlements to its contractors and third parties. If the policy is passed, businesses in San Francisco would be required to disclose their data collection policies and obtain input from communities impacted when drafting those policies.

Authors: Ariana Goodell Xiaoyan Zhang

According to the city supervisor, the policy is motivated primarily by the city’s sense of “responsibility to set ground rules that protect the best interest of the general public” as “the information technology sector shap[es] much of our city’s identity.” The policy rides the coattails of the California Consumer Privacy Act passed in June 2018, which empowers consumers with various rights such as the right to know what information is being collected about them and whether it is being sold and the right to opt out of the sale of their personal information.