Hello. Can Californians stand all this privacy? Residents of the state will vote on new privacy protections just months after 2018’s landmark law begins to be enforced July 1. Advocates behind the California Consumer Privacy Act have gotten a proposal for stricter, European-style protections on to the November ballot, WSJ Pro’s David Uberti reports.

Other news: Prison time for Russian hacker; Canadian medical lab must undertake security reforms; and India bans dozens of Chinese apps. 

California enters privacy law limbo as November vote looms. The state is slated to begin enforcing its landmark 2018 privacy statute, the California Consumer Privacy Act, on Wednesday. But a successful petition drive by advocates behind this law has now pushed stronger, European-style protections onto the November ballot last week.

The early months of enforcement of the CCPA—and coming popular vote on the new California Privacy Rights Act—could preview stricter consumer protections nationwide, privacy experts say, as federal legislation remains stalled in Congress.

Among ways in which the California Privacy Rights Act would build upon the CCPA are the following: 

• Forming a standalone enforcement agency
• Raising the threshold of businesses covered by the law from 50,000 to 100,000 annual consumers
• Adding a category of “sensitive personal information” for characteristics like race, sexual orientation and health status 
• Letting Californians opt out of firms sharing their data with third parties—not just selling it—in a shot at targeted digital advertising that relies on users’ personal information

Read the full article.

Russian national sentenced to nine years in U.S. prison. A federal judge ruled Friday that Aleksei Burkov, who pleaded guilty in January to access device fraud and other crimes, must serve nine years in federal prison, Hacker News reports. Mr. Burkov ran the “Cardpayment” website, which sold credit- and debit-card numbers, as well as an online marketplace where members-only hackers sold their services, according to the plea. More than $20 million in fraudulent purchases were made in the U.S. with card details from the Cardpayment site, the Justice Department said. Mr. Burkov was extradited from Israel late last year after being arrested there in 2015.

Canadian medical lab must revamp its data handling, watchdogs order. Two privacy regulators in Canada said Toronto-based LifeLabs must stop collecting unnecessary patient information, dispose of such data securely and improve other security practices, Gov Info Security reports. “LifeLabs failed to take necessary precautions to adequately protect the personal health information of millions of Canadians,” the regulators said. In December, the medical-testing laboratory firm revealed a breach that exposed data on about 15 million individuals, including names, birth dates and, in some cases, lab results.

New steps: LifeLabs has since appointed a chief information security officer, hired a new chief privacy officer and chief information officer and allocated an initial $50 million investment for information security, among other moves, the company said.

India bans 59 Chinese apps. TikTok and WeChat are among the apps that the Indian government said are a threat to its country’s security and sovereignty, the Associated Press reports. India’s Ministry of Information Technology said it has received complaints about the banned apps sending user data to servers outside the country.

Write to the WSJ Pro Cybersecurity Team: Kim S. Nash, James Rundle, Catherine Stupp and David Uberti.

Follow us on Twitter: @knash99, @JimRundle, @catstupp and @DavidUberti. 

Contact Enterprise Technology Editor Steve Rosenbush at steven.rosenbush@wsj.com or follow him on Twitter: @Steve_Rosenbush.