The California state legislature on Thursday approved a landmark internet privacy bill that would give users more control over what internet companies can do with their data.
The California Consumer Privacy Act would require companies to give their users detailed information about what information they collect, what they do with that data and who they sell it to. Users would also be able to request that websites stop sharing their data with third parties.
The bill was introduced as a way to head off a ballot initiative that had gained traction among the state’s voters. Alastair Mactaggart, a California real estate developer who was championing the ballot proposal, agreed last week to pull the initiative if the privacy bill passed by Thursday, the deadline to remove ballot proposals.
The bill, which still needs the governor’s signature to pass, would go into effect in 2020 and would only apply to users in California.
It was modeled on a sweeping set of European privacy regulations that went into effect last month designed to better inform users about what is being done with their data and to give them more control over it.
The privacy movement in the U.S. has gained more momentum in the months since Facebook became embroiled in the Cambridge Analytica scandal, in which the GOP-linked political consulting firm improperly obtained data on 87 million users.
If passed, the California bill would appear to be the toughest set of data privacy rules passed in the wake of the data leak.