<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=654132&amp;fmt=gif">

CPRA is on the Horizon - What's the Ripple Effect?

Data breaches and technology are evolving at such a rapid rate. In the first half of 2020 alone, data breaches significantly increased by 273% compared to 2019, making privacy laws and regulations such as the CCPA paramount in protecting consumer rights. California is leading the way for privacy compliance, as the fifth-largest global economy, the CCPA forces many companies to address privacy compliance.

All Posts

Did Mactaggart fail to submit signatures for the CPRA?

Did Mactaggart fail to submit signatures in time for the California Privacy Rights Act (“CPRA”) to be on the ballot for the November 3rd election? It is very possible he did.

California law requires a proposed initiative to be certified for the ballot by the Secretary of State at least 131 days before the next general election at which it is to be submitted to the voters, in this case, the November 3, 2020 election. That means that the CPRA must be issued a certificate of qualification for the ballot by June 25, 2020. Any proposed initiative that is not certified on or before that date will not be placed on the ballot.  Because of this hard deadline, initiative proponents like Mr. Mactaggart are advised to provide themselves with sufficient time to complete the necessary requirements to be on the ballot. This includes factoring in the time it takes for government officials to perform the required tasks of counting and verifying petition signatures.  

Mr. Mactaggart’s proposal was behind the recommended schedule from the beginning. For the November 3rd general election, the California Secretary of State suggested submitting proposed initiatives no later than August 20, 2019.  Mr. Mactaggart submitted his proposed initiative, the CPRA, on October 9, 2019.  Because of this, the timeline to complete the required process qualification became extremely condensed. Once submitted, proposed initiatives must undergo a 30-day public review process and a the Department of Finance and the Legislative Analyst prepares a fiscal estimate or opinion of the proposed initiative. Only after this process is completed does the Attorney General’s office prepare the Official Summary of the proposed initiative. The date the copy of the Official Summary is delivered or mailed to the proponent(s) is the “Official Summary Date.” No petition may be circulated for signatures from the public prior to the official summary date and proponents are allowed a maximum of 180 days from the Official Summary Date to collect signatures and file the petitions with county election officials. The Official Summary Date for the CPRA is December 17, 2019.  Therefore, Mr. Mactaggart is permitted to submit petitions for verification until June 15, 2020.  On a Twitter post dated May 4, 2020, the Californians for Consumer Privacy, Mr. Mactaggart’s organization, stated that it had submitted over 900,000 petition signatures to the county election officials to qualify for the November ballot.  Obviously, this is well within the 180-day deadline mandated by law. 

However, submitting the required signatures before the 180-day deadline does not mean that the CPRA will be on the November ballot.  County election officials must still count and verify the signatures submitted for the petition before the June 25th deadline.  The Election Code requires election officials to determine the raw number of signatures on the petition submitted in their county and report the total to the Secretary of State within eight working days from the date of the submission.  Assuming county election officials take all eight working days starting from May 4th, their report would not reach the Secretary of State until May 14th.  Once the report is received by the Secretary of State, he must determine whether the raw count of signatures on the submitted petitions meets the 623,212 signature requirement to be eligible for the ballot.  If the raw count is fewer than 623,212, the ballot initiative will have failed.  If the raw count equals 100 percent or more of 623,212 signatures needed, the Secretary will immediately notify the county elections officials that a random sample will be necessary to verify the signatures.  If a random sample is necessary, county elections officials will verify the validity of the signatures filed with their office using a random sampling technique of verification. 

This random sampling signature verification process must be completed within 30 working days of receipt of the Secretary of State’s random sample notification. Elections official are required to verify at least 500 signatures or three percent of the number of signatures filed in their county, whichever is greater. Counties receiving less than 500 petition signatures are required to verify all the signatures filed in their county. Upon completion of a random sample, the county elections officials will immediately certify to the Secretary of State the number of valid signatures appearing on the petitions that were filed in their counties. (Elections Code § 9030(e).) The Secretary of State then applies a formula to determine the projected statewide total of valid signatures. Assuming the county election officials take the maximum 30 days to complete this process starting on May 14th, verification of the validity of the signatures would not reach the Secretary of State until June 26th, one day after the deadline for the certification to be on the November 3rd ballot. To get an idea of how long it takes some county election officials to complete the random sample verification process, of the 58 counties who received random notices for another ballot initiative on April 16th, 35 of them have yet to complete the random sample verification 13 working days later.  Moreover, the largest counties with the largest number of signatures to verify, including Los Angeles, Orange, and San Diego, and San Bernardino, have yet to complete the verification process.

Even if the county election officials do not take the maximum 30 days to complete the signature verification, the CPRA is not home free.  Depending on the outcome of the signature verification, one of the following scenarios will occur:

  • If the result of the random sample indicates that the number of valid signatures is less than 95 percent of the required number of signatures to qualify, the proposed initiative fails to qualify.
  • If the total number of signatures is greater than 110 percent of the required number of signatures, the Secretary of State will be able to certify that the initiative measure is eligible for the next statewide general election held at least 131 days later.
  • If the result of the random sample indicates that the number of valid signatures represents between 95 percent and 110 percent of the required number of signatures to qualify the initiative measure for the ballot, the Secretary of State directs the county elections officials to verify every signature on the petition. This process is referred to as a “full check” and must be completed within 30 days from the receipt of the Secretary of State’s full check notification.

Given these scenarios, the only probable way the CPRA qualifies for the November 3rd ballot is if the county election officials conduct the raw count and verification process before the deadlines to complete those processes and the random sampling indicates that the number of valid signatures is greater than 110 percent of the 323,212 signatures needed.  Absent those circumstances, it is unlikely the CPRA qualifies for the November 3rd ballot.

Michael Hellbusch
About Michael Hellbusch
Mike Hellbusch, Partner at Rutan & Tucker, counsels companies on privacy and data security matters. He also advises on and regularly drafts technology contracts and policies. He is co-chair of the Orange County Chapter for the IAPP.
Recent Posts

CPRA is on the Horizon - What's the Ripple Effect?

Data breaches and technology are evolving at such a rapid rate. In the first half of 2020 alone, data breaches significantly increased by 273% compare...

What is Privacy Automation?

Privacy laws and regulations have transformed the relationship between businesses and the personal data they collect from consumers. The CCPA grants p...

QuikSense powered by Truyo Meets FDA Certification Compliance

QuikSense, powered by Truyo, is certified to comply with the FDA’s IEC 80601-2-59-2017 specification, making this a cost-effective and reliable wellne...

California Legislature Further Delays B2B & Employee Privacy Rights

On August 31, 2020, the California Legislature passed Assembly Bill 1281, extending the business-to-business and employee partial moratoria also refer...