Also known as AB 375, the California Consumer Privacy Act of 2018 was passed in California and is anticipated to go into effect on January 1, 2020. The Act focuses exclusively on data collection and privacy, very similar to the European Union’s General Data Protection Regulation (GDPR). A few key components of the Act give residents of California the right to:
CCPA applies to companies that:
The Act gives residents of California the ability to bring a civil action against companies that violate the Act, and states that fines could be between $100-750 per violation – or higher, if more damage can be proven. In addition, the state of California can bring charges against a noncompliant company directly. Those fines could be up to $7,500 for each alleged violation not resolved within 30 days.
Well, California by itself is the 5th largest economy in the world. If you do business in California or collect data from California residents you need to comply. So, ignoring the California statues and marketplace regulations is unlikely to be an option. There’s good news however – the CCPA is largely in line with GDPR, so if your business is GDPR compliant, you’re probably in good shape for CCPA.
The landscape of privacy regulations is only getting more stringent. More regulations and legislation are coming – in fact, a separate bill in California (AB 2546) is still under consideration to strengthen anti-spam laws. Be smart about your data collection and adopt a policy of “privacy by design.”
Maintaining compliance with the growing data and privacy regulations across the globe is daunting. PossibleNOW’s sister company, CompliancePoint, provides the following consulting services related to CCPA
Our MyPreferences platform collects, manages and distributes customer consent across your organization so that all systems remain up-to-date. It was built with Privacy by Design which enables it to easily accommodate ever-changing privacy regulations. MyPreferences helps companies comply with CCPA by:
MyPreferences maintains an audit trail of all consent transaction records so that you can easily respond to inquiries.