Special to California Globe by Julio Rivera.
In mere hours from now, a new and groundbreaking piece of legislation will go into effect in the State of California and the entire nation will be watching.
The California Consumer Privacy Act (CCPA), the landmark California law which kicks into effect on January 1st, 2020, will affect businesses with at least $25 million in revenue, entities that earn at least half their money by selling consumers’ personal information and companies that hold personal information on at least 50,000 people.
The changes associated with this new law will allow residents of California to demand that any entity with business operations based in the state fully disclose what data it has collected on them, and if the individual wishes, they can force the deletion of their personal information.
In addition, beginning in July of 2020, Californians can file litigation against businesses for certain kinds of data breaches.
Another wrinkle in the new law will allow broader power to the California Attorney General to bring enforcement action against businesses that fail to comply with the CCPA.
In the technological age, the issue of data privacy has been a hot button issue globally, and in the wake of California taking the lead on the subject, debate has raged on in the Senate Commerce Committee regarding how the federal government should best address the issue of consumer privacy online.
As of the end of 2019, those talks have failed to yield consensus on a singular piece of bipartisan legislation. Instead committee leaders from both parties have presented dueling privacy bills.
Congressionally, support for these 2 pieces of data privacy legislation currently up for consideration is split between party lines. One bill is championed by Senate Commerce Committee Chairman Roger Wicker (R-MS), while the Democrats are backing legislation supported by Ranking Member Maria Cantwell (D-WA).
Other proposals have been written to address other more specific aspects of online privacy, like requiring companies to provide a thorough disclosure of privacy policies, but many observers feel that the broad strokes needed for a bill that can satisfy the leadership within both parties is already contained with the two main proposals currently being debated.
Similar laws already exist across the pond in the European Union (EU). CCPA is being perceived by many as America’s first step towards eventually enacting federal legislation similar to Europe’s General Data Protection Regulation (GDPR).
GDPR mandates that companies that process personal data must clearly disclose to individuals the point at which personal user data is collected. It also states that the entities collecting the information must declare any lawful basis and purpose for the processing of the user’s data. Another provision within the law states that companies collecting data also must inform customers of the length of time that they intend to retain the consumer’s data and whether or not they intend to share it with any third parties or entities outside of the EU.
As is with most pieces of new sweeping legislation, there will certainly be additional compliance costs for California businesses associated with the CCPA. As a result of GDPR in Europe, European entities have also had to deal with the threat of severe penalties for any violations of GDPR. Additionally, businesses whose core activities consist of processing personal data are required to hire a Data Protection Officer (DPO), to serve as a compliance officer for the GDPR.
These costs will become just par for the course, as consumers become increasingly concerned with the rate and scope of incidents occurring involving consumer data. In just the past couple of years, breaches involving major retailers like Target and Macy’s and tech behemoths Yahoo and Facebook, have popped up in breaking news feeds. On top of those incidents, recently, customers of gun manufacturer Smith & Wesson were victimized by an attack that compromised the payment details of shoppers during the holiday rush using Magecart malware.
We should find out fairly quickly just how the CCPA affects California businesses and residents alike. With data breaches becoming more commonplace, it may prove to be an important step forward in ensuring the safety of consumers’ private data.
Julio Rivera is the editorial director for ReactionaryTimes.com, a political columnist and commentator, and a business strategist.