Privacy on the internet has been a concern for years and the adoption of laws related to data privacy has been a question of “when,” not “if.” The answer to that question is “now.” The California Consumer Protection Act (CCPA) was enacted in 2018 and creates new consumer rights relating to the access to, deletion and sharing of personal information that is collected by businesses. The CCPA went into effect on January 1, 2020, however, the Attorney General cannot bring an enforcement action under the CCPA until July 1, 2020. While the CCPA only protects California residents, it impacts many companies in California, in other states, and around the world. No matter where your company is located, there is a chance that based on revenue thresholds and volume of customers visiting a website, your company may be required to comply with the CCPA.
To comply with the CCPA, companies must implement a robust data processing program to ensure that consumers are properly notified of their rights under the Act. Companies must also update their privacy policies to reflect their data retention policies and programs. The Act further requires that companies provide consumers with proper channels to exercise their rights under the CCPA, including the right to delete personal information and to opt out of the sale of personal data. Violations of the CCPA carry significant penalties, ranging from $100 to $750 per violation per consumer or actual damages, whichever is greater.
The CCPA is new legal territory and trying to navigate it alone can be risky. The Team at Renzulli Law Firm is working with clients to ensure that they are fully compliant with the CCPA. Time is ticking away, and if you have any questions about the CCPA and its impact on your business, contact us today to make sure you are prepared.