Find news, events, articles, videos, and more that answer your questions and keep you up-to-date.
Visit Resource Center
Stay informed on compliance updates
The California Consumer Privacy Act of 2018 (CCPA) will go into effect on January 1, 2020. The CCPA, which was enacted by Assembly Bill 375, Laws of 2018, is intended by the Legislature to further Californians’ right to privacy by giving consumers an effective way to control their personal information. It does so by granting California residents a broad range of new rights and by imposing on businesses that collect or sell personal information a variety of new requirements.
This article will review the CCPA as enacted by AB 375. It will also provide an update by linking to several bills amending the CCPA that were recently signed by California’s governor, and pointing out other recent important developments.
Among other things the CCPA, as enacted by AB 375 provides the following:
The businesses to which the Act is applicable include any sole proprietorship, partnership, LLC, corporation, association or other for-profit entity that does business in California that 1) collects consumers’ personal information and that 2) satisfies one or more of the following thresholds:
The Act also applies to entities that control or are controlled by a business meeting the above criteria and that share common branding.
The term “consumer” is defined as a natural person who is a California resident.
On October 11, 2019, California’s governor signed five bills amending the CCPA. All bills are effective January 1, 2020. These amendments provide some clarifications, grant certain temporary exemptions, and make a few substantive changes.
However, the core requirements regarding the new rights granted California consumers, the applicability to certain businesses, and the new obligations were not changed.
The five bills are as follows. Details can be found in the links to the bills.
In addition to the five bills amending the CCPA, businesses should also take note of Assembly Bill 1202, which requires data brokers to register annually with the California Attorney General and to be listed on the Attorney General’s website.
Another recent development of which to be aware is that the Attorney General, who is required to adopt regulations to clarify and operationalize the CCPA, released draft regulations on October 10, 2019. They can be viewed here: CCPA Proposed Text of Regulations.
Following a comment period, the Attorney General will submit the final text of the regulations to the Office of Administrative Law, which will have 30 days to review the regulations, and if approved, the final regulations will go into effect.
With the California Consumer Privacy Act soon going into effect, affected businesses must take the necessary steps to make sure they will be in compliance when 2020 arrives.
While this article provides a general overview of the CCPA, businesses and their legal advisers should read the Act in its entirety. It can be found at Title 1.81.5 (commencing with Sec. 1798.100) to Part 4, Division 3 of the Civil Code: Personal Data.
In addition, for further information, the California Attorney General has a webpage with information related to the CCPA: California Consumer Privacy Act (CCPA).
More in Compliance Solutions
More in Staying Compliant