I attended a seminar at my firm last week that set forth the next big thing in California — the California Consumer Privacy Act (CCPA). It is California’s version of the European Union’s General Data Protection Regulation (GDPR).
If you haven’t heard of it (or focused on it), the CCPA is a broad-based law protecting information that identifies California residents (both consumers and employees). The law includes detailed disclosure requirements, provides individuals with extensive rights to control how their personal information is used, imposes statutory fines and creates a private right of action. It is expected to dramatically alter the way U.S.-based companies process data.
While the CCPA won’t go into effect until 2020, it has a “12 month look back” which requires companies to be able to provide information to consumers about information collected or disclosed in the immediately preceding 12 months. While changes to the CCPA are expected, smart companies are in the planning stages now.
Check out this terrific summary of the law by my partners Elizabeth Litten and Mark McCreary, as well as this alert from my partner, Odia Kagan, outlining the top five steps to start taking now to prepare for the CCPA.