A new law created for the protection of the Californians' personal information takes in effect on January. 1, 2020, and it is California's most comprehensive data privacy law ever designed. The California Consumer Privacy Act is more commonly known as CCPA, provides the Golden State residents with the right to learn what the data companies are collecting information about them. Besides, the Law, as indicated in an article posted on CNET, an online technology news site, "also allows the Californians to ask companies not to sell their data, and to delete it."
The complete effect of those new rights is not fully clear since the regulations applied used to impose it are still in the process of finalization. Still, as stated in the same CNET article, companies within and outside California "are already scrambling to be compliant for them to continue doing business in the country's most populous state." Almost two years in the making, CCPA has urged other states to consider their respective privacy regulations, of which some have already been passed. The Law is frequently compared to the General Data Protection Regulation (GDPR) of the European Union, presently the benchmark for online privacy.
Importance of the New Privacy Law
In California, the New Privacy Law is considered a 'big deal.' It is indeed so because, before it got implemented, companies were not legitimately required to tell people what data they'd gathered. The latter did not have much say over what the companies did with the collected information about them. Now, with the newly implemented regulation, people can now ask the firms to delete the information or cease selling it.
CCPA comprises everything one might expect, like the name, physical address, phone number, username, and password. It also covers information that companies may use to track their online behavior like device identifiers and IP addresses. In addition, the Law covers information, too, that can be utilized to characterize a person such as marital status, religion, sexual orientation, race, and status as a veteran or military member.
Another coverage of the CPPA is the biometric information such as facial recognition or fingerprints data, information location, and browsing history. Information found in public government documents is not included. Therefore, companies can still find out if a person is married, for instance. Nevertheless, these companies should collect said data from government records instead of other sources like people's social media accounts.
Consequences of not Abiding by the Law
Companies can be fined an amount of $2,500 for each violation. Or, if such a violation is discovered to be intentional, companies can be fined $7,500. This can mean big fines if the violations impact large consumer groups. Incidentally, the California Attorney General is tasked to investigate companies suspected of infringing the Law. According to some critics, companies have the potential to get away with the violation of the Law since the attorney general does not have any resources to catch each violation.
The AG, Xavier Becerra, has publicly stated that his office is not equipped to implement the Law completely. He pushed for the enactment of such an amendment, which failed the passage, that would have allowed the users to sue the businesses directly. So, consequently, to new privacy law is designed to prevent the firms from charging their users who don't want the selling of their information. And, if companies wish to charge users who choose to sell their data, this Law then says, they should divulge how much the data of the user is worth.