By now, you have probably heard about the California Consumer Privacy Act (CCPA). But, if you haven’t, keep reading.
What is it?
The California Consumer Privacy Act (CCPA) was signed into law in June 2018 — but it goes into effect January 1, 2020. To date, it is considered the most comprehensive privacy law in the United States. Even though it applies to California residents, this new law has the potential to give all Americans more control over their digital data.
Under the CCPA, if you are a resident of California, it could be easier for you to find out the personal data companies have about you — and ask them to delete it. You will also be able to ask companies not to sell your personal information to third parties.
How does the CCPA affect your business?
You must comply with the CCPA if your business meets any of the three requirements:
- Has $25 million or more in gross revenues
- Buys, sells or shares personal data of 50,000 Californians or more
- Makes 50% or more of its revenues from selling data
Although smaller companies might not meet the requirements, it’s always best to use common sense when it comes to data privacy.
While the law goes into effect in January 2020, businesses have until July 1, 2020, to come into compliance, or until the California Attorney General’s office publishes its regulations — whichever comes first.
Afterwards, the penalties for noncompliance range from civil penalties of up to $7,500 per violation to be imposed by the government or $750 per consumer violation for breach of the law in a private action.
It’s worth noting that amendments to the CCPA that are still pending in the California legislature, so stay tuned for more updates.