It’s July 1. We are xnxx aunow officially halfway through 2020.
That also means the six-month grace period for California’s major new privacy law is over. The law will now be enforced. Is your business ready?
The California Consumer Protection Act, or CCPA, is a robust set of digital privacy laws, akin to the EU’s GDPR privacy laws. The law officially went into effect on January 1 of this year. Businesses were provided, however, with an additional six months to comply with the law without facing any repercussions.
With the grace period over, California Attorney General Xavier Becerra says the state will now start enforcing the law.
“For sure we will start enforcing on July 1,” Becerra said in an interview with the Washington Post.
According to the Washington Post, business groups such as the California U.S. Chamber of Commerce and the Interactive Advertising Bureau requested another delay to the enforcement of CCPA back in March. The organizations cited the coronavirus pandemic in its request, seeking to give businesses more time to comply.
Becerra said, however, that he had no intention to further delay enforcement. The California AG pointed out that companies were required to comply when the law went into effect. The grace period was only delaying the law’s enforcement.
"This is good news for consumers."
"This is good news for consumers," IntraEdge president Dan Clarke said in an email to me. IntraEdge is a technology firm that created a "privacy compliance platform" in collaboration with Intel in order to help companies provide its customers access to their data.
"Despite the COVID pandemic and lobbying efforts from various industries, California’s Attorney General has made it clear he’s not budging and intends to begin enforcing the CCPA," Clarke continued. "Any companies that have been taking a “wait and see” approach will now urgently have to put in place a mechanism for responding to privacy requests if they haven’t already."
So, what does the CCPA do exactly?
Basically, California residents have the right to access any personal data that a company collects about them. They also have the right to request that the data be deleted. Californians can demand to know how their data is being used, who it's shared with or sold to, and request that companies refrain from sharing it with third-parties.
As the new year approached, consumers even outside of California likely noticed privacy notice prompts popping up on their favorite websites. Much like with the GDPR, the rules defined in the CCPA are being broadly rolled out even outside the Golden State. For some companies, its simply easier to enact new privacy policies that comply with CCPA for all its users and not just those in one state.
It’s a big positive step in the right direction, according to digital rights advocates, as it’s the first law that provides Americans with many of the same rights afforded to citizens in the EU.
The AG’s office will begin warning businesses if they are in danger of violating the CCPA as of today. If you’re doing business in California, you must abide by this law or face fines between $100 and $750 per consumer per incident. If the damages are more, your business will be fined that amount.
If someone can prove more in damages from a breach of this law, you’ll be fined that amount, whichever is greater. Even if there is no incident, you can be fined for not following the law in general. If your business does not comply with the CCPA rules within the 30 days, the AG can seek a civil penalty of up to $2,500 per violation or $7,500 per “intentional” violation.
Note again that a business does not have to be located in California. If a company does business with California residents, the CCPA applies to them too.
The CCPA’s EU counterpart, GDPR, has resulted in some big fines for major tech companies in the EU. Regulators in France, for example, hit Google with a whopping $57 million fine for privacy violations. A recent reportby the European Commission heralded the now two-year-old data protection law as an “overall success.”
Topics Cybersecurity Privacy