About our Proposal – The Digital Deputy Act
Background:
- What do you see as the key issue(s) or problem(s) to be addressed by the proposal? Present lack of accountability for BIG TECH (under current self-regulation schemes) mismanagement individual privacy data online leading to economic and national strategic harms due to resulting massive digital data breaches.
- Describe in detail the problem or deficiency in current law that the proposal seeks to remedy.
Please see attached, unpublished Law Journal Article: Deputizing Software Professionals: One case for settling the lawless Digital Wild West in the Golden State- How does this proposal remedy the problem described above?
As lawyers and currently proposed “licensed software professionals” (aka “Digital Deputies” under California professional engineer’s act) with state-issued professional licensees must adhere to and continue to take ethics and professionalism classes and state license entrance exams as a condition for renewing their licenses, software professionals who choose an optional state licensure proposed by the Digital Deputy Act should also adhere to and continue to take digital ethics and professionalism classes as a condition to maintaining a proposed state professional license. Software professionals can become law enforcement “deputies” in terms of enforcing digital ethics as well as the California Consumer Protection Act (CCPA) and other Digital Data Privacy Laws – while in addition to lawyers- but in a UNIQUELY,PROACTIVE MANNER WHILE SOFTWARE AND DIGITAL DATA IS BEING CREATED. Similar to the US Govt providing for Patent Agents to practice patent law along with Patent Lawyers. As one “perk” or benefit to passing a proposed licensed software professionals exam, the CCPA (– while borrowing from its mentor the EU’s General Data Privacy Regulation (GDPR)) could be amended to allow California licensed software professionals to become Data Protection Officers (DPOs) and thus can work in tech company’s as an affordable substitute to current Privacy Officers who are almost always lawyers with no practical technical training in software.
- How does this proposal remedy the problem described above?
- How would this proposal affect the new board and Agency of the California Privacy Protection Agency (CCPA) under the new California Privacy Rights Act?
This new Agency by 2023-24 will become an independent watchdog to vigorously enforce the CCPA through the California Privacy Rights Act headed by a five member board. In addition to enforcement and rulemaking, the new Agency will have an educational function.
One could argue that the timing could not be any more perfect but to consider the notion of a future CPPA extending its enforcement reach to include activity whereby proposed licensed software professionals could assist with digital law enforcement proactively and granularly in the day-to-day project management activities of software development and data analytics projects that use consumer data and rely on upholding good digital ethical practices. Further, such a relationship between the CPPA and the Digital Deputy Act’s proposed licensed software professionals would be mutually beneficial in that this new agency, that is also responsible for educational outreach, could routinely help the licensing board for software professionals with relevant topics for a licensure entrance exam and annual course requirements for licensed software professionals. Specifically, in addition to this paper’s proposed ACM’s and IEEE’s educational feedback, this feedback from the CPPA could directly apply to a software professional exam that is similar to the current “California State Laws and Board Rules” exam that professional engineers must pass to receive their licensure as mentioned above. Therefore, making digital deputies out of licensed software professionals fosters a strong mutually beneficial educational relationship with the CPPA but also fundamentally uses licensed software professionals to affordably extend the CPPA’s law enforcement outreach beyond that pioneering agency’s budget, per se.
As one practical, low-cost, business-friendly solution to these current enforcement deficiencies, the Digital Deputy Act’s proposal of possibly deputizing software professionals to assist with law enforcement of such digital privacy laws similar to the GDPR would thus conscript multitudes of technically trained individuals whose volume should satisfy market demands for “data compliance experts” so as to drive the expert cost considerably lower than the present market demands. Ultimately, one can envision a future with low cost data compliant experts with broader online law enforcement coverage arising from the collaborative efforts of both the present data privacy and security experts and lawyers who look to law enforcement of data privacy and other online laws retroactively as well as to the proposed California licensed software professionals who could assist with digital law enforcement proactively in the day-to-day project management activities of software development and data analytics. - What person, organization, or governmental entity is requesting introduction? Include contact information. Rafael V Baca , Esq of Silicon Valley is the originator of this concept. Rafa is a US Patent Attorney with a MS Degree in Computer & Data Science and a BS in Mechanical Engineering. Rafa Baca who is currently working as Chair of the American Bar Association Artificial Intelligence and Big Data Committees.
Background information: Please see whitepaper provided by this website, unpublished Law Journal Article: Deputizing Software Professionals: One case for settling the lawless Digital Wild West in the Golden State
PROGRESS HISTORY
A Digital Deputy Act Subcommittee of the ACM San Francisco Bay Area Chapter has been established to allow all software professionals who are California residents who may contact their California elected officials to enact the Digital Deputy Act, including but not limited to those software professionals who are members of the Digital Deputy Act. Here is a charter summary of the Digital Deputy Act Subcommittee:
Digital Deputy (Act) Subcommittee: For the iterative implementation of digital ethics in sw development.
The goals of this subcommittee is two-fold:
- Foster a non-partisan group of software professionals sincerely interested in taking digital ethics to the “next level” with the proposed Digital Deputy Act and similar policies within Silicon Valley to assist California State representatives with recommendations that enforce existing legislative policy in digital ethics relating to software development and data science and security. The group membership is open to ACM, IEEE membership and all software professionals in California. The group seeks greater transparency, accountability and professional responsibility in software and data science and security in the Tech workspace of Silicon Valley and in California.
- Upon implementation of the Digital Deputy Act and other recommendations, this non-partisan group will continue to work with California representatives and State agencies in making recommendations to state-issued professional certifications and professional licenses for software professionals, most especially in the field of digital ethics.
Action items of the Digital Deputy Subcommittee:
- The non-partisan group will maintain a subcommittee member list with a Slack channel for ongoing communications as well as meet quarterly by way of proposed agenda.
- The non-partisan group will construct a written master plan for the implementation of the above goals and revise it during the course of each meeting by quorum vote.
- The non-partisan group may elect leadership so as to present recommendations received from the group to state lawmakers and agencies.
- The non-partisan group will create a history of events, and provide a report of the history to the Chapter leadership as well as to the national ACM US Technology Policy Committee (USTPC) at the end of each year.
LEGISLATIVE HISTORY
- Has there been a similar bill in past sessions?
“ZERO” – California would truly be the pioneer for the USA and the World as a premier way to proactively enforce and regulate ethical software and digital data processes while created by software professionals! - Session, bill number, author, history of the bill (what committees heard the bill, what votes were taken on the bill):
“ZERO” – California would truly be the pioneer for the USA and the World as a premier way to proactively enforce and regulate ethical software and digital data processes while created by software professionals! - Why did it fail?
“ZERO” – California would truly be the pioneer for the USA and the World as a premier way to proactively enforce and regulate ethical software and digital data processes while created by software professionals! - How is this proposal different?
“ZERO” – This proposal is 100% Unique! California would truly be the pioneer for the USA and the World as a premier way to proactively enforce and regulate ethical software and digital data processes while created by software professionals! - Are there any relevant studies, audits, scholarly work on this issue?
YES, the American Bar Association for Law & Technology (Jurimetrics) journal will publish my article for the Fall Academic Term 2020 (publication March 2021): Deputizing Software Professionals: One case for settling the lawless Digital Wild West in the Golden State
Likely supporters:
The State AG office in support of enforcing the California Consumer Privacy Act (CCPA) at the “boots on the ground” level, namely proposed California-licensed software professionals would develop software and treat consumer data “ethically” as a continuing condition of good ethical practices required for renewal of licenses, especially in the reporting of digital data breaches. Along with lawyers, these proposed California-licensed professionals will be at the forefront of enforcing the CCPA and publicly mandated reverence for treating personal data with the utmost respect.
The “People”, citizenry of the state of California. All public in favor of digital data privacy laws, those in favor of the existing California Consumer Privacy Act. This proposal enables legislators to write into law “Public” concerns to how digital privacy is cared for by software companies – with the interest of the general public and their right to privacy. With a professional licensure in place it allows licensed professionals to pay annual license renewal dues as well as actively enforce CCPA data breach regulations that further generate state revenues for such violations.
Likely Opponents:
BIG TECH and TELECOM DIGITAL DATA ISPs where there currently is not major laws in place for accountably of breach of data privacy in a proactive manner. Most all such major laws today happen retroactively, after a software or digital data breach with lawmakers, lawyers and law enforcement reacting to the violation afterwards . Our proposal would have California-licensed software professionals provide PROACTIVE boots-on-the-ground for enforcement on a DAILY basis of the CCPA and related digital ethics and public policy concerns regarding personal data.
Potentially BIG TECH could object having its own (as proposed) state licensed software employees holding them accountable in terms of digital data privacy violations where there currently is not major laws in place for accountably of breach of data privacy.
Arguably, the state can say the licensure program is “OPTIONAL” and not a mandatory requirement for all their software employees have a state license to work at a software company.
Legislatures could point to the success that such an arrangement is working with public works projects such as constructing public highways, bridges and buildings that must be “signed-off” a professional (civil) engineer(s) as a legislated perquisite in the public project bidding process regularly by the state.
To taxpayers, argument would be is this entire proposal is “cost-neutral” or even profitable with the annual licensure fees, annually required course work for the proposed licensed professionals AS WELL AS could be lucrative as to the data breach violations that they could report while working in the field against BIG TECH.