California Begins Enforcing Data Privacy Law

Despite companies and big tech asking California for more time because of the coronavirus pandemic, the California Consumer Protection Act (CCPA)  is officially enforceable now. The CCPA was originally planned to become effective on January 1, 2020, but the State of California’s Attorney General Xavier Becerra gave a six month grace period for all companies due to the virus outbreak and more. Now, Becerra told The Washington Post there will be no further delays or extensions and companies violating CCPA could face serious consequences and fines starting today.

If you have never heard of the CCPA before, this list serves as a brief summary of the different laws and regulations companies will have to follow. 

  • A business must be able to provide its customers with the data collected from them and the purpose of its collection, upon consumer request. 
  • Consumers should also be given access to their personal data, allowed to request the deletion of their data, and have the ability to opt out of the sale of their personal data. 
  • Non-compliance with the CCPA can result in a $2,500 fine per record for each unintentional violation and a $7,500 fine per record for each intentional violation. 
  • For example, a company that mismanages 1,000 consumer privacy requests could be subjected to a fine ranging from $2,500,000 to $7,500,000.

Data privacy watchdogs and experts are cautiously optimistic that the CCPA can be influential because it will give significant power back to the consumers over their private and personal data. The law will also force large data collecting companies to change their models of business and be more transparent on data usage. Even though these companies have been given an extra 6 month grace period, most are still not CCPA compliant. According to eSellerCafe, over 56% of California based companies are not prepared or CCPA compliant based on their current business model. The CCPA can be tricky and complicated especially if you are unfamiliar with the data collecting world and regulations, but making sure your company is CCPA compliant should be the number one priority.

How do you know if your company needs to be CCPA compliant? The CCPA applies to companies with annual gross revenues of $25 million or more, those that buy or sell more than 50,000 individuals’ data, and companies that make more than half of their annual revenues from selling customer data. Also, if your company collects or stores any data from a current California resident, you must make sure you are CCPA compliant. This means almost any online business with advertising, analytics or site-tracking must adhere to CCPA. The easiest way to ensure your company is CCPA compliant is to sign up with Loginhood’s Consent Management Platform. Our platform allows your website visitors to decide what data is shared with you while managing data law compliance. With the CCPA now effective, there will be massive changes coming to the data collection industry.