How can the New Data Protection Act of California can matters to businesses worldwide
California’s new Consumer Privacy Act (CCPA), enforced on 1 January 2020, raises a lot of questions. The good news is that CCPA enforcement actions can not be implemented until July so that companies still have time to ensure compliance.
It is essentially the EU GDPR (General Data Protection Regulation) version of California, but there are significant differences as well.
And although this new law theoretically binds California’s residents, the rules would likely affect other websites in the USA and perhaps many abroad. In case a company has customers in California. For many, it is easier to update their websites to cover new legislation such as this, rather than to produce a patchwork of IP-driven geo-updates for each state or country that decides to create a unique on-line data protection framework.
To reduce the problems and reduce them, the CCPA has three primary mandates:
1. View your data (what has been obtained, by which entities and why).
2. You can demand the deletion of personal data (at least a free telephone number).
3. You can prohibit selling your personal information (via a link to the company’s website homepage).
Now it should be remembered that there is a lot of detail in the CCPA. The organizations representing this area, for example, have to meet specific annual revenue requirements, the amount of data they have, and the percentage of income generated from the selling of consumer information.
The new law is also only concentrated in one state, but this is a bit misleading: every California-based business entity is subject to the rules of CCPA. The International Data Professionals Association reports that more than half a billion U.S. businesses will be affected.
Stay Compliant, Not Complacent
Whether the introduction of national legislation such as the CCPA or the subsequent implementation of specific federal laws, it is only time for the data protection regulations in the United States to occur. Compliance is no longer optional for advertisers and companies doing business in California. And I would say the same goes for everyone else because the alternative–convenience–is only going to reverse you while endangering customer relations.
We will have to wait and see what new fines are imposed for those who breach the CCPA. Still, companies that are outside GDPR laws have already felt the sting— Google was fined $50 million earlier this year because it failed to disclose how data was gathered through its various services and channels. British Airways and Marriott will also collect fines under the new law.
Nonetheless, the only incentive here should not be financial penalties, and perhaps not even foremost. Brands across the board will take a close look at their customer data practices, not only because of these potential legal implications but also, more importantly, because it is everyday business.” Responsible data management is crucial to building confidence in this evolving digital world. Microsoft is among the leading parties to this petition, which seeks to “honor the new privacy rights of California throughout the USA.