Starting from January 2020, citizens of California will regain control over their personal data. Similarly to operating under the General Data Protection Regulation for Europe, the way Californian businesses use, share and store user data is about to change; drastically.
The new California Consumer Privacy Act is all about control over personal information. Inspired by the European Union’s GDPR, and enhanced by many privacy scandals that happened in the country, the CCPA is likely the best privacy bill in the United States, up until this moment. Well, the new and improved version will be. It’s fair to say that the well-intentioned legislation did little to nothing to protect common web users.
In a time when US citizens are struggling to keep net neutrality, the new law is an excellent sign that things are going in an upwards direction. Most people, and not just Americans, would argue that the internet should remain neutral – the question is: will this create a trend in other states, and how many will follow suit?
What is CCPA?
In late June 2018, California lawmakers passed a bill that granted citizens of the state European-like rights over their sensitive information. While the law didn’t quite achieve what it set out to, the 2020 January update will ensure privacy protection for online users.
Californians can expect:
- To see and limit what personal information is being collected
- Understand why data is being collected
- Which third-party companies information is being shared with
- Legal rights to ‘opt-out’, without risk of being charged or punished
- The consumers will also have the right to ask for this information to be deleted, while businesses will have to alert customers in cases of data breaches
The state of California allows its people to propose measures that can change the law, and this is how the CCPA came into existence. The campaign, ran by Alastair Mactaggart, a real-estate developer turned quasi-privacy-activist, got a lot of attention. This initiative became so popular that it ultimately found its place on the ballot for November.
Until January 1, 2020, companies have the chance to adjust to these new changes. However, in order for them to be compatible, they have to start keeping records and complete data-mapping no later than January 1, 2019 – exactly one year before.
The cost for operating outside the law will be high, but likely manageable for larger businesses. Making mistakes as a smaller business could seriously impede operations. While it might take time for the law to come into force, the changes will be difficult for all businesses to adjust to. Some may even be torn over maintaining their online presence.
Businesses that haven’t completed the adjustment by the given dates will be hit with notices and fines from California’s Attorney General’s Office. It’s estimated that the maintain of the CCPA will require more than 50 full-time employees and over $57.5 million to cover the costs.
What Will Be Regulated Under the Law?
To simply say ‘businesses’ would be too broad. The new California data privacy law targets for-profit entities that collect information on online users in its state. The companies or service providers in question must be the controllers of the data, and should have gross revenue in excess of $25 million.
The law will also regulate companies that buy, receive, sell or share the personal information of over 50,000 consumers for commercial purpose. Moreover, businesses that get half of their revenue through selling personal information also fall under this category.
Does the CCPA Affect You?
It depends. Do you live in California? If yes, then in less than two years, managing which countries have a hold of your data will be easier. For those who live in other US states, or, for that matter, a different country altogether, unfortunately, this law has zero effect on them.
But why is it so important then?
The new Californian law laid the first stone towards respecting users’ privacy and their rights over their own personal information. It’s also the first real fight back against the FCC, Ajit Pai and those trying to remove net neutrality for financial gain.
If California’s new regulation does nothing for you, you can always protect yourself by using a Virtual Private Network, also known as VPN. Even Californians should be using one – as the legislation won’t provide total anonymity. By subscribing to a VPN provider, you’re open to a ton of features – the main three being anonymity, privacy and geo-spoofing. You can hide your location, access content in different locations and keep your online presence your own.
The performance of your VPN depends entirely on the service you choose – to find the one for you, click here.