Despite the Coronavirus (COVID-19) pandemic, the California Attorney General intends to enforce the California Consumer Privacy Act (CCPA) beginning July 1, 2020, pending the anticipated approval from the California Office of Administrative Law (OAL) on the final text of the proposed CCPA regulations. On June 1, 2020, the Office of the California Attorney General submitted the final proposed regulations package under CCPA to the California Office of Administrative Law (OAL). The OAL has 90 days to review the package due to a 60-day extension due to COVID-19.
The California Consumer Privacy Act (CCPA) was signed into law on June 28, 2018 and was put into effect on January 01, 2020. The law is similar to the General Data Protection Regulation (GDPR) privacy regulation enacted by the European Union. Consumers are provided data privacy rights and control over their personal information, including the right to know, the right to delete, and the right to opt-out of the sale of personal information.
WHO MUST COMPLY?
All companies that serve California residents and have at least $25 million in annual revenue must comply with the law. In addition, companies of any size that have personal data on at least 50,000 people or that collect more than half of their revenues from the sale of personal data, also fall under the law.
CCPA 1798.105(d)(1) states businesses do not have to comply with consumer deletion requests if they need to maintain the information in order to “complete the transaction for which the personal information was collected [or] provide a good or service requested by the consumer.”
Under California law, damages may include:
$100 to $750 per consumer per incident, or actual damages, whichever is greater
Injunctive or declaratory relief
Any other relief the court deems proper
WHAT DO YOU HAVE TO DO TO COMPLY?
Nth Generation is here to help in several ways. If your organization currently does not know its alignment to the CCPA, we can provide a very lightweight questionnaire that once filled out, allows us to clearly document how well the organization is aligned to the CCPA and recommendations for any remedial actions necessary. If you are seeking assistance with any of the CCPA components, we have several leading industry solutions that can help.
The CCPA is upon us, are you ready?
CLICK HERE to connect with one our security experts.
Jeromie Jackson Director of Security & Analytics