We need control over how our data is used. Thanks to California, there’s a promising new path.

By Shira Ovide

This article is part of the On Tech newsletter. You can sign up here to receive it weekdays.

The U.S. government last week settled with an app that lets women track their periods over claims that it shared its users’ health information with Google and Facebook. A photo-storage app also settled claims that it used people’s images to build a facial recognition system.

These app makers got in trouble not because what they did seemed creepy — but because they weren’t upfront about it.

In the United States, as long as companies don’t mislead their customers, there aren’t many legal limits on what they can do with our private information.

That’s not great, is it? But California has a relatively new data privacy law that — while awkward and flawed — is starting to show intriguing ways to empower Americans to limit how our data can be used.

Last week, the Federal Trade Commission said that the women’s app, Flo Health, broke its promise to its users to keep their information private when it shared sensitive data including women’s pregnancy status with other companies.

According to the terms of the settlement, Flo is now required to obtain people’s consent before it shares their health information. (Flo didn’t admit it did anything wrong. The company said that it doesn’t share users’ health data without permission.)

Source: Read Full Article