For the past five months, Golden State residents and tourists alike have enjoyed the legal freedoms and wide product selection of adult-use cannabis legalization, all while largely ignoring the piles of sensitive personal data repeatedly turned over to dispensaries and delivery services.
Because marijuana is an age-sensitive product, all California dispensaries are required to check customer IDs before sales, with a significant number of permitted pot shops scanning customer data into permanent profiles that are then kept on file. Across the state, dispensary employees told the Bee that any customer who refused to turn over their personal data would be turned away from the store. Now awaiting a vote in the state Senate, the consumer protection legislation has garnered the support of at least one high-profile digital rights organization.
In a letter to state legislators, the Electronic Frontier Foundation – a San-Francisco based nonprofit working to protect personal information across the digital landscape – argued that A.B. 2402 is a necessary precaution in safeguarding Golden State pot buyers from unwanted advertisements as well as the federal government, which still enforces a nationwide prohibition on cannabis.
“As the legal marijuana market in California develops, consumer privacy will be a critical area to protect,” the organization explained. Oregon, the last state to enact a marijuana consumer protection law, allows customers to offer email addresses or phone numbers to pot shops for special sales or personalized shopping, but that data collection must be explicitly voluntary.
If passed by the California state Senate, A.B. 2402 would move to the desk of Governor Jerry Brown for a final decision on the cannabis consumer protection bill.