Estimated reading time: 1 minute, 56 seconds

Who's Ready Now That California's Consumer Privacy Act is Live?

Saturday, Jan 04 2020
Regulatory
Written by  Security Tech Brief Staff

California’s sweeping new data privacy law is now operative, and the moment of truth has arrived for businesses in the Golden State and beyond.

california 160550 1280Echoing somewhat the drama of Y2K, companies nationwide were counting down until January 1, when the California Consumer Protection Act took effect. While it’s not yet clear whether the impact of the CCPA will live up to its full billing, the requirements the law imposes on firms are no hoax. CCPA gives consumers a right to know what data businesses have collected about them and, upon request, have that data deleted. The law applies to companies doing business in California, whether that’s selling products to customers in the state or providing back-end services to businesses that are subject to CCPA.

The full effect of the law depends on how many consumers decide to make use of it, notes Fortune. Widespread demands for businesses to delete personal data could make targeted ads less effective and disrupt the online economy. But relatively few people have asserted their rights under Europe’s similar privacy law, the General Data Protection Regulation, implemented last year.

Regardless, though, for companies doing business in California, compliance is a burden. A state-commissioned nonpartisan report estimates the upfront cost to California businesses as $55 billion. Some companies, including Microsoft, have said they will honor consumers’ data rights under CCPA across all 50 states. The U.S. Chamber of Commerce, meanwhile, is lobbying for a federal law to override CCPA.

Facebook, whose Cambridge Analytica disaster is mentioned in CCPA as one of the reasons for the law, recently declared itself “ready” for the new privacy restrictions, as ZDNet reports. Data covered by CCPA ranges from names, email addresses, and Social Security numbers to purchasing or browsing histories, employment or health records and location information from GPS apps, as CBS News notes.

To be sure, businesses are exempt unless they have global revenue of more than $25 million, handle the personal information of 50,000 or more California consumers or electronic devices or get at least half of their revenue from selling personal data.

Enforcement is scheduled to begin by July 1, and California’s attorney general has signaled that the process will be informed by businesses’ good faith. “We will look kindly on those that... demonstrate an effort to comply,” California Attorney General Xavier Becerra told Reuters.

 

Read 2762 times
Rate this item
(0 votes)
More in this category: « Dems Propose Internet of Things Cybersecurity Bill Facebook’s 'Deepfakes' Policy Draws Fire on Capitol Hill »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline